The XCBG Ransomware Joins the Ever-Growing STOP/Djvu Ransomware Family
Ransomware attacks have grown in frequency over the past several years, and a major reason for that has been the prolific STOP/Djvu Ransomware family. The operators of this family often release updated versions of their malicious code, and XCBG Ransomware is another addition to the family.
This ransomware strain works identically to the other STOP/Djvu Ransomware family members. It spreads mostly via spam emails, social engineering, and compromised websites, like other similar infections.
After users unwittingly download XCBG Ransomware, they will find their files have been encrypted and rendered inaccessible. They will notice that the affected files have been appended with the telltale ‘.XCBG’ suffix, and that there’s a ransom note on their desktop in the form of the ‘_readme.txt’ document. The hackers will request that victims pay $980 for file decryption. However, they are willing to lower the price to $490 in return for prompt payment within 72 hours.
The ransomware owners also provide the victim with contact information: helpteam@mail.ch and helpmanager@airmail.cc. Should victims engage in communication, they will be asked to send one locked file to be decrypted for free as proof that the ransomware operators can unlock the affected files. We strongly recommend that you do not communicate with the hackers and refrain from paying any ransom. Paying does not guarantee file decryption or resolution to the problem.
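The indicators described above (the '.XCBG' suffix, the '_readme.txt' note, and the two contact addresses) can be used to measure how far an infection reached. The following read-only triage script is an added example, not code from the original article; the function name `triage` and the report keys are hypothetical, and it assumes the malware did not reset file timestamps.

```python
import os
import sys
from pathlib import Path

# Indicators as given in the article.
ENCRYPTED_SUFFIX = ".xcbg"
NOTE_NAME = "_readme.txt"
CONTACTS = ("helpteam@mail.ch", "helpmanager@airmail.cc")


def triage(root):
    """Walk root read-only and summarise XCBG indicators found under it."""
    encrypted, notes, confirmed, mtimes = [], [], [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            lower = name.lower()
            if lower.endswith(ENCRYPTED_SUFFIX):
                encrypted.append(path)
                try:
                    mtimes.append(path.stat().st_mtime)
                except OSError:
                    pass  # unreadable metadata: still counted as encrypted
            elif lower == NOTE_NAME:
                notes.append(path)
                try:
                    with open(path, "rb") as fh:  # bounded read of the note
                        text = fh.read(65536).decode("utf-8", "replace").lower()
                except OSError:
                    continue
                # A bare _readme.txt can be unrelated; one naming the
                # article's contact addresses is a much stronger match.
                if any(c in text for c in CONTACTS):
                    confirmed.append(path)
    return {
        "encrypted": encrypted,
        "notes": notes,
        "confirmed_notes": confirmed,
        "affected_dirs": sorted({p.parent for p in encrypted}),
        # Oldest/newest mtime of encrypted files approximates when encryption
        # ran (assumption: timestamps were not reset), which helps pick a
        # backup taken before the incident.
        "window": (min(mtimes), max(mtimes)) if mtimes else None,
    }


if __name__ == "__main__":
    result = triage(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(len(result["encrypted"]), "encrypted files in",
          len(result["affected_dirs"]), "directories;",
          len(result["confirmed_notes"]), "confirmed ransom notes")
```

Run it against a mounted copy of the affected volume or a user profile directory; it only reads file names, timestamps, and note contents.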
If your files happened to be encrypted with an offline encryption key, it might be possible to decrypt them with a public decryption tool developed for the STOP/Djvu Ransomware infection by security software companies. However, hackers regularly update their ransomware, so if XCBG Ransomware used an updated encryption key, the public decryption tool may no longer work.
How Do I Deal with an XCBG Ransomware Attack?
We strongly recommend that users keep backups of their files to mitigate the trouble caused by ransomware infections. A file backup will provide you quick access to your files should your device be infected. We also recommend that you use a reputable anti-malware tool to regularly scan for and remove infections like XCBG Ransomware from your system.