Warning! Assm Ransomware is Another Djvu Clone
Our team discovered Assm, a ransomware belonging to the Djvu family, while examining malware samples submitted to online threat databases. This malicious software prevents victims from accessing their data by encrypting it and appending its extension (".assm") to filenames.
The ransom note dropped by Assm urges victims to contact the attackers within 72 hours in order to receive decryption tools and a unique key for $490. It provides two emails for contacting them: support@freshmail.top and datarestorehelp@airmail.cc. Additionally, it states that after 72 hours this price will increase to $980.
Victims can also send one encrypted file for free decryption, however it should not contain valuable information and be larger than 1 MB. The ransom note is named "_readme.txt" and is dropped alongside other malware variants such as RedLine and Vidar.
Assm renames files by adding its extension (".assm") at the end of each filename; for example "1.jpg" becomes "1.jpg.assm", "2.png" becomes "2.png.assm", and so forth.
Table of Contents
The Assm ransom note and ransom demands
The complete text of the ransom note generated by the Assm ransomware reads as follows:
ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-wY6g3rkhZz
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
support@freshmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.ccYour personal ID:
How can you protect your files from ransomware variants similar to Assm?
In order to protect your files from ransomware variants similar to Assm, it is important to take the necessary security measures. First and foremost, it is essential to keep all software up-to-date with the latest security patches. Additionally, users should always use a reliable antivirus program and scan their systems regularly for any malicious activity.
Furthermore, users should back up their data on an external hard drive or cloud storage service in order to have a copy of their data in case of an attack. It is also important to be aware of phishing emails and other suspicious activities online as they can be used by attackers to spread ransomware. Finally, users should avoid downloading files from untrusted sources and clicking on unknown links as these could contain malicious code that could lead to a ransomware infection.
How is ransomware like Assm distrubuted and spread?
Ransomware like Assm is typically distributed and spread through malicious emails, malicious websites, exploit kits, and other malicious software. Attackers often use social engineering techniques to trick victims into downloading and executing the ransomware. Malicious emails may contain links or attachments that appear to be legitimate but are actually malicious. Malicious websites can also be used to download ransomware onto a victim's computer. Exploit kits are automated tools that scan for vulnerable systems and then exploit them in order to install malware such as ransomware. Finally, other malicious software such as Trojans can be used to download and execute ransomware on a victim's system.
