The ransomware assembly line known as the STOP/Djvu Ransomware family strikes again this week with its latest variant, UTJG Ransomware. Like other strains under the STOP/Djvu umbrella, it gets its name from the ‘.UTJG’ extension it appends to infected files. For example, a “picture.jpeg” file affected by the ransomware would be renamed to “picture.jpeg.UTJG”.
UTJG Ransomware operates identically to its counterparts in the STOP/Djvu family and encrypts files before making a ransom demand. The encrypted files may include databases, spreadsheets, archives, pictures, and videos. After file encryption, the ransomware operators also deliver a ransom note named “_readme.txt,” which contains information regarding the ransomware and the hackers’ ransom demands.
The Ransom Demand Associated with UTJG Ransomware
UTJG Ransomware’s operators promise a decryption key to unlock files in exchange for $980. However, they do offer a 50% discount if victims establish communication within 72 hours after encryption. The ransom note provides two email addresses for contacting the hackers: helpmanager@mail.ch and restoremanager@airmail.cc. Like most ransomware operators, the hackers behind UTJG Ransomware offer to decrypt one file for free to demonstrate their ability to unlock all the affected files should the victim pay up.
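The indicators named above (the ‘.UTJG’ extension, the “_readme.txt” note and the two contact addresses) are enough to scope which directories were hit. The script below is an added example, not part of the original article; its function names and the sample tree built in demo() are constructed for illustration.

```python
import os
import tempfile

# Indicators taken from the article text.
ENCRYPTED_EXT = ".utjg"
NOTE_NAME = "_readme.txt"
CONTACTS = ("helpmanager@mail.ch", "restoremanager@airmail.cc")

def note_matches(path):
    """True if a _readme.txt file mentions one of the contact addresses."""
    try:
        with open(path, "r", encoding="utf-8", errors="replace") as fh:
            text = fh.read(65536).lower()
    except OSError:
        return False
    return any(addr in text for addr in CONTACTS)

def triage(root):
    """Walk root; group renamed files by directory and classify readme notes."""
    report = {"encrypted": {}, "notes": [], "other": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if name.lower().endswith(ENCRYPTED_EXT):
                original = name[: -len(ENCRYPTED_EXT)]  # e.g. picture.jpeg
                report["encrypted"].setdefault(dirpath, []).append(original)
            elif name.lower() == NOTE_NAME:
                # A _readme.txt without the contact addresses is not flagged.
                key = "notes" if note_matches(full) else "other"
                report[key].append(full)
    return report

def demo():
    """Build a constructed sample tree and run the triage over it."""
    with tempfile.TemporaryDirectory() as root:
        docs = os.path.join(root, "docs")
        os.makedirs(docs)
        for name in ("picture.jpeg.UTJG", "budget.xlsx.utjg", "notes.txt"):
            open(os.path.join(docs, name), "wb").close()
        with open(os.path.join(docs, NOTE_NAME), "w", encoding="utf-8") as fh:
            fh.write("constructed sample note, contact: helpmanager@mail.ch\n")
        with open(os.path.join(root, NOTE_NAME), "w", encoding="utf-8") as fh:
            fh.write("constructed benign readme\n")
        rep = triage(root)
        return sorted(rep["encrypted"][docs]), len(rep["notes"]), len(rep["other"])

if __name__ == "__main__":
    print(demo())
```

Calling triage() on a real path returns the original file names per directory, which can be compared against a file inventory to see what was affected.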
How to Survive a UTJG Ransomware Attack
Although cooperation with the hackers may seem like the easiest path to take towards file restoration, we strongly suggest that ransomware victims never establish contact with hackers. Instead, you should employ a reputable malware remediation program to scan for and rid your system of the destructive UTJG Ransomware.