The STOP/Djvu Ransomware family strikes again with MAOS Ransomware. Like other associated strains of the prominent malware threat, this ransomware locks files and then demands a ransom fee to restore file access. Malicious programs like MAOS Ransomware can be distributed via software bundles, so if you tend to download freeware or pirated apps distributed via torrent or cracked software sites, you may end up installing similar threats.
MAOS Ransomware locks most of the popular file types, including photos, music, documents, and videos. During the file encryption process, MAOS Ransomware adds the .MAOS extension to affected files and leaves a ransom note on the user’s desktop and in every folder that contains encrypted files.
Once downloaded and installed, MAOS Ransomware employs the AES encryption algorithm to lock up target files. Information stealers like Vidar and RedLine are commonly deployed alongside ransomware, allowing hackers to access sensitive user information before encrypting the files. Therefore, it is possible for MAOS Ransomware to employ similar tools as well.
After the encryption has been completed, the infection will demand a ransom in order for victims to obtain a decryption key. The decryption key costs $980, but the ransomware’s operators will offer a 50% discount, and only charge $490, if the victim contacts them within the first 72 hours after infection.
The hackers can be contacted at support@fishmail.top and datarestorehelp@airmail.cc. We discourage establishing contact with the hackers however, as there is no guarantee that they will provide decryption tools after payment or even communicate with you. It is important to note that the MAOS Ransomware does not just encrypt data; it also attempts to delete all shadow copies of the affected files stored on your computer. This can make recovery of your documents and data extremely difficult, if not impossible.
It is highly recommended that you never attempt to pay a ransom for a decryption key as this does not guarantee the encrypted file access – in fact, it may even increase the risk of further attacks.
How Do I Deal with the MAOS Ransomware Infection?
To protect yourself from the MAOS Ransomware attack, you should practice safe web browsing habits like refraining from opening email attachments from unknown senders and downloading programs from unreliable sources. You should also have a reputable malware remediation tool installed on your computer. That way, you can regularly scan for elements associated with this troublesome ransomware infection and other malware. Also, to reduce the potential damage of a future ransomware infection, please consider backing up your files on an external hard drive or cloud storage.