
Viruses

Discover essential defenses in the “Viruses” category at BugsFighter.com, where we provide comprehensive coverage on combating the myriad of digital threats that can compromise your devices and privacy. This section is dedicated to identifying, understanding, and removing viruses that affect computers, smartphones, and other digital platforms. From detailed analysis of new and evolving threats to step-by-step removal guides, our content is crafted to empower users with the knowledge they need to protect themselves. Whether you’re dealing with a stubborn infection or seeking to prevent future attacks, our expert advice and practical solutions are here to safeguard your digital life.

How to remove Tghz Ransomware and decrypt .tghz files

Tghz Ransomware is a type of malware that encrypts files on a computer and demands payment in exchange for the decryption key. It belongs to the Djvu/STOP ransomware family, which is known for its wide distribution and high infection rates. Tghz Ransomware encrypts various file types, such as documents, images, and videos, and adds the .tghz extension to the affected files. It uses the Salsa20 encryption algorithm, which is not the strongest method, but still provides an overwhelming number of possible decryption keys. To brute force the 78-digit number of keys, you would need 3.5 unvigintillion years (1*10^65), even if you use the most powerful regular PC. Once the encryption process is complete, Tghz Ransomware conveniently leaves a ransom note named _readme.txt. The ransom note contains the payment information and the threat: how to send payment, how much you need to pay, and what happens if you don't pay. The ransom amount ranges from $490 to $980 (in Bitcoin).

How to remove Bhtw Ransomware and decrypt .bhtw files

Bhtw Ransomware is a new variant of the STOP/Djvu ransomware family that encrypts files and adds the .bhtw extension to their names. For example, after encryption a file named 1.doc gets the suffix and becomes 1.doc.bhtw. The ransomware is distributed via spam emails containing infected attachments, fake software cracks, or by exploiting vulnerabilities in the operating system and installed programs. Once the ransomware infects a computer, it encrypts all popular file types, including videos, images, documents, audio files, and archives. After encryption, it generates a ransom note in the form of a text file named _readme.txt. The ransom note contains instructions on how to pay the ransom to get the decryption key.

How to remove Udaigen Ransomware and decrypt .jcrypt files

Udaigen Ransomware is a type of malware that encrypts files and demands payment for decryption. It adds its specific extension, .jcrypt, to every file it encrypts. Unfortunately, there are no known decryption tools for Udaigen Ransomware at this time. The encryption method used by this ransomware is currently unknown. To prevent further encryption by Udaigen ransomware, it is essential to remove it from the operating system. However, removing the ransomware will not restore the compromised files. The only solution is to recover the files from a previously created backup stored in a different location. We highly recommend storing backups in multiple separate locations, such as remote servers or unplugged storage devices, to prevent permanent data loss. The malware creates a ransom note named ___RECOVER__FILES__.jcrypt.txt and displays a pop-up window with information on how to contact the hackers.

How to remove Bhgr Ransomware and decrypt .bhgr files

Bhgr Ransomware is a file-encrypting virus and a variant of the STOP/Djvu ransomware family. It encrypts files and appends the .bhgr extension to their original filenames. It uses advanced RSA and AES encryption algorithms to lock files of infected PCs, making it impossible to unlock files without knowing the unique private decryption key generated by the computer. Unfortunately, at this time, there are no decryption tools available for Bhgr Ransomware. However, Emsisoft provides free ransomware decryption tools that may work with specific ransomware versions. Bhgr Ransomware generates a ransom note in the form of a text file named _readme.txt. The ransom note contains instructions on how to pay the ransom in exchange for a decryption key that can unlock the encrypted files.

How to remove Bhui Ransomware and decrypt .bhui files

Bhui Ransomware is a type of malware that encrypts files on a victim's computer and demands payment in exchange for a decryption key. Bhui ransomware is part of the STOP/Djvu ransomware family and is spread through malicious files disguised as freeware, key generators, and hacked games, which are commonly found on file-sharing and torrent sites. Once installed, Bhui encrypts all files on the victim’s computer, adding the .bhui extension to the filenames. For example, a file named 1.jpg gets renamed to 1.jpg.bhui, and 2.png becomes 2.png.bhui. Bhui ransomware encrypts files using a strong encryption algorithm called Salsa20. The encryption algorithm is complex and makes it difficult to decrypt files without the decryption key. In addition to file encryption, Bhui generates a ransom note, a text file called _readme.txt. The ransom note emphasizes that file decryption is only possible with the use of specific decryption software and a unique key.

How to remove Ahtw Ransomware and decrypt .ahtw files

Ahtw Ransomware is a type of malware that encrypts files on a victim's computer and then demands payment in exchange for the decryption key. Once the ransomware infects a system, it can quickly encrypt files without the user's knowledge, making it difficult to detect the infection until it is too late. The ransomware is associated with the STOP/Djvu family and is often distributed alongside other malware, including RedLine or Vidar. Once the encryption process is complete, Ahtw Ransomware renames each encrypted file by adding the extension .ahtw to its name. The criminals behind Ahtw Ransomware demand a ransom of $980 in exchange for the key and decryptor, which they claim is the only way to decrypt the encrypted files. Ahtw ransomware creates a ransom note named _readme.txt in each affected directory. The ransom note provides details on how to reach out to the attackers and instructions for making a ransom payment.

How to remove TmrCrypt0r Ransomware and decrypt .TmrCrypt0r files

TmrCrypt0r is a ransomware virus that belongs to the Xorist ransomware family. It encrypts important personal files, such as photos, videos, and documents, and adds the .TMRCRYPT0R extension to every file's name. Once the files are encrypted, they become inaccessible and cannot be opened without decryption. After encrypting the files, TmrCrypt0r creates a ransom note that provides payment information and the threat of what will happen if payment is not made. The ransom note is usually found in a text file or a pop-up window and prompts the victims to pay a ransom in exchange for the decryption key.

How to remove MiniMe Ransomware and decrypt .minime files

MiniMe Ransomware is a type of malware that encrypts files on a victim's computer and demands payment in exchange for the decryption key. It is a relatively new ransomware strain that was first discovered in 2023. The ransomware is probably named after the popular movie character "Mini-Me" from the Austin Powers series. MiniMe Ransomware adds the .minime extension to encrypted files. For example, a file named example.doc would be renamed to example.doc.minime after encryption. MiniMe Ransomware uses a combination of RSA and AES encryption to encrypt files on a victim's computer. It creates a ransom note named read_it.txt in each folder that contains encrypted files. The ransom note contains instructions on how to pay the ransom and obtain the decryption key.