JHBG Ransomware Joins the STOP/Djvu Ransomware Family
Like its sister STOP/Djvu variants, JHBG Ransomware renders its victims’ files, including photos, music, documents, and video data, inaccessible.
JHBG Ransomware spreads via several methods, including phishing campaigns, bundled software, and malicious websites. Once installed, the victim’s files are encrypted using the AES-256 encryption algorithm. The ransomware will further append the .JHBG extension to the encrypted files, which is the basis for its name.
Affected users will also find a ransom note on their desktop that asks victims to pay $980 to restore the files. According to the note, the ransom demand can be cut in half to $490 if communication via ‘restorealldata@firemail.cc’ or ‘gorentos@bitmessage.ch‘ is established within 72 hours after infection.
Should victims contact them using the provided emails, JHBG’s Ransomware operators will offer to decrypt one file for free to prove their ability to unlock all affected files. Paying the ransom or even establishing contact with the hackers is not advisable, as there is no guarantee that you will ever receive a file decryptor and regain access to your files.
How Do I Deal with a JHBG Ransomware Attack?
We strongly suggest victims of JHBG Ransomware scan for and remove elements of this dangerous ransomware infection by using a reputable malware remediation tool. You can also protect yourself from future attacks by backing up your critical files on either the cloud or an external hard drive.
If you are still having trouble, consider contacting remote technical support options.
