Our researchers discovered yet another malicious program - Tohj - belonging to the Djvu ransomware family while inspecting new submissions to VirusTotal. Ransomware encrypts data and demands payment for decryption. Once we executed a sample of Tohj on our test system, it began encrypting files. The filenames of the affected files were appended with a ".tohj" extension, e.g., a file originally titled "1.jpg" appeared as "1.jpg.tohj", "2.png" as "2.png.tohj", etc. Afterwards, a ransom note named "_readme.txt" was created.

[Screenshot of files encrypted by Tohj ransomware]

The ransom-demanding message informs victims that their files have been encrypted. According to the note, the sole method of recovering the compromised data is purchasing the decryption tools.
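The two on-disk indicators described above (the appended ".tohj" extension and the "_readme.txt" note) can be checked against a file listing during triage. The following is an added example, not code from the original article; the function names and the sample paths are constructed for illustration.

```python
from collections import defaultdict
from pathlib import PurePosixPath

ENCRYPTED_SUFFIX = ".tohj"   # extension named in the article
RANSOM_NOTE = "_readme.txt"  # ransom note filename named in the article


def triage(paths):
    """Group a file listing by directory and record Tohj indicators.

    Returns {directory: {"note": bool, "encrypted": {current_name: original_name}}}
    for every directory that shows at least one indicator.
    """
    report = defaultdict(lambda: {"note": False, "encrypted": {}})
    for raw in paths:
        # Normalise Windows separators so one parser handles both styles.
        p = PurePosixPath(raw.replace("\\", "/"))
        name, folder = p.name, str(p.parent)
        lowered = name.lower()
        if lowered == RANSOM_NOTE:
            report[folder]["note"] = True
        elif lowered.endswith(ENCRYPTED_SUFFIX) and len(name) > len(ENCRYPTED_SUFFIX):
            # The extension is appended, so stripping it yields the original name.
            report[folder]["encrypted"][name] = name[: -len(ENCRYPTED_SUFFIX)]
    return dict(report)


def affected_dirs(report):
    """Directories showing both indicators: renamed files and the ransom note."""
    return sorted(d for d, r in report.items() if r["note"] and r["encrypted"])


# Constructed sample listing (not taken from a real host).
SAMPLE = [
    "C:\\Users\\test\\Pictures\\1.jpg.tohj",
    "C:\\Users\\test\\Pictures\\2.png.tohj",
    "C:\\Users\\test\\Pictures\\_readme.txt",
    "C:\\Users\\test\\Documents\\notes.txt",
    "C:\\Users\\test\\Documents\\_readme.txt",  # note only: weaker signal
    "C:\\Users\\test\\Downloads\\.tohj",        # bare suffix, no original name
]

if __name__ == "__main__":
    result = triage(SAMPLE)
    for folder in affected_dirs(result):
        print(folder, result[folder]["encrypted"])
```

A directory with only a "_readme.txt" file is reported but not listed by `affected_dirs`, since that filename alone is a weaker signal than the note together with renamed files.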