My files encrypted with hhjk Ransomware
My files encrypted with hhjk Ransomware |
What happened to my files?
A strange extension "HHJK" has been added to your files, and you can't open your files.
So, you think your files are locked ?!.No, your files are totally encrypted by a Ransomware affect, which generate a new extension belongs to some types of malwares.
These type of attack can lock /encrypt/ damage your files (videos, images, documentations) and whatever you think. Then your file name will end by a new extension, So you can’t obtain access to them at all.
By adding its own extension to all the encrypted data. For example, the file “timesheet.xls and video.mp4” will be titled as “timesheet.xls.hhjk and video.mp4.hhjk”.
When the encryption is accomplished, it will put text document (_readme.txt) inside each folder that contains the encrypted files.
The used technique for file's encryption will release a unique decryption key, it is different for each computer system.
The needed decryption key is hosted on a special server under the total control by the attackers, who have actually launched the ransomware into the internet joined by the victim id, the users are told to contact the attackers through an e-mail or by telegram to pay the ransom in the quantity of $980 and this quantity will have 50% discount rate, that mean the ransom amount falls to $490 if the victim pay for them within 72 hours.
We highly recommend that you do not pay the ransom, There is no warranty that these online cyber criminals will keep their promises, the victims may lose their money for nothing.
Also, It's not recommended to contact the scammers as they instruct. Do not send them your money.
Malware ID :
- Type of : Ransomware
- Family: STOP/DJVU
- Description: Locks all the data stored on your system and requires a money ransom to be paid on your part supposedly to recover your important files.
- Encryption: File encryption is performed by means of the AES-1024 algorithm encryption. Once the encryption is completed, to adds its special extension to all the files modified by it.
- Distribution Method: Adware bundles and software cracks.
The Web is now loaded with infections comparable to the virus. It's recommended for you to frequently make backups of all your essential documents to an external storage. like, the USB Flash Drive, external hard disk drive, or using the cloud data storage services. Keeping the backups on your system drive is very risky.
📌 Table of Content
- What happened to my files?
- How did hhjk they reach My computer system?
- How to Protect our systems from the hhjk Cyber attack?
- Is there a way for hhjk Removal?
- How to Decrypt hhjk files that are encrypted By DJVU Ransomware Decryptor?
- Is there any Recovery tools used for hhjk virus Online encryption ID ?
How did hhjk reach My computer system?
How to Protect our systems from the hhjk Cyber attack?
Is there a way for hhjk Removal?
I talked before in mango school blog that you can remove hhjk ransomware virus from your system
To Remove Stop Djvu (hhjk) virus from windows10
To Remove Stop Djvu (hhjk) virus from windows 7
After you successfully remove it, install antivirus to protect your files.
- If you are not yet able to remove the virus, scan your pc with any malware protection and remove the virus or install a new Windows to avoid any new data encryption.
- If you have an activated shadow copy, you will be able to recover your files from it.
- You have to Change all your passwords used on the infected device because the ransomware or virus will pull the passwords stored in your browser and send them to the gangs.
STOP / DJVU will leave a files belong to the ransom attackers with your files, this file named (_readme.txt), and contain some steps to recover your files:
How to Decrypt hhjk files that are encrypted By DJVU Ransomware Decryptor?
STOP (Djvu) has two versions.
- In case you have ONLINE ID:
Decryption of new Djvu Ransomware is impossible if infected by an ONLINE KEY without paying the criminals for that victim’s specific private key...these keys are unique for each victim and randomly generated in a secure manner. Without the master private RSA key that can be used to decrypt your files, decryption is impossible...the key cannot be brute-forced and there is no way to gain access to the criminal's command server and retrieve this KEY.
Is there any Recovery tools used for hhjk virus Online encryption ID ?
id-ransomware
bleepingcomputer