0 Replies Latest reply on Apr 21, 2016 4:37 AM by bsys

    New ransomware ?! "momsbestfriend"


      I have a pc infection with a new ransomware.


      no extension change on files, and apprears 2 files in all encrypted directories:





      dateNFECCIONZ.txt contains this text:



      YourID: NUMBERS


      USER: USER


      Hi there


      Your files are now encrypted. I have the key to decrypt them back.

      I will give you a decrypter if you pay me. Email me at:

      momsbestfriend@protonmail.com or torrenttracker@india.com


      If you don't get a reply or if both emails die, then contact me using a guaranteed, foolproof Bitmessage:

      download it form here https://github.com/mailchuck/PyBitmessage/releases/download/v0.5.8/Bitmessage-0. 5.8.exe

      Run it, click New Identity and then send me a message at BM-NBvzKEY8raDBKb9Gp1xZMRQpeU5svwg2

      Just remember that Bitmessage is slow, it takes 5 minutes to send a message and 15 to get a reply.





      W7 Pro

      EPO 5.02.188 (Combating Ransomware - Rev H in place)

      VSE SP7

      Engine 5800.7501

      DAT 8141


      Dont have any threat event and cant find any info about this.

      Anyone have detect that or more info ?