Although the ransom message the Viacrypt Ransomware uses is written in English, the payment page it refers to users does not feature an English translation and, instead, the text presented there is in Latvian. This might mean that the primary victims of the ViACrypt Ransomware will be Latvian users, but this is yet to be confirmed, and we advise users worldwide to take the necessary measures to protect their data from the ViACrypt Ransomware and similar file lockers.
‘Your system files has been encrypted and only way to recover them is by purchasing unlocking key.
Steps to gain access for files:
1) Please follow this page: xxxx://sigmalab.lv/other/crypt/payment_request.php
2) Upload your public encryption key
3) Download decryption key
4) Drag and drop key on crawl.exe
5) Wait for files to be unlocked in background’
When the ViACrypt Ransomware’s payload is deployed to a computer successfully, the threat will proceed to carry out its complicated attack whose final goal is to leave the victim with thousands of encrypted documents, images, archives, text files, spreadsheets, databases, and other popular file formats. Besides encrypting the contents of the files, the ViACrypt Ransomware also will append the ‘.via’ extension to the name of the locked files, and then wipe out the Shadow Volume Copies to stop tech-savvy users from using 3rd-party file recovery software to mitigate some of the damage that the ViACrypt Ransomware has done. The ransom note the ViACrypt Ransomware uses can be found in the file ‘your system has been encrypted! please read further instruction!.txt’ and, in addition to it, the threat also will create a file named ‘your_encryption_public_key.rkf’ that must be uploaded to the payment portal, which the ViACrypt Ransomware refers users to.
We don’t have information regarding the amount of money that the ViACrypt Ransomware’s operators demand, but we’d like to remind you that opting to send money to cyber crooks is not a reasonable solution because there’s no guarantee that the perpetrators of the attack will not just trick you out of your money. Instead of confiding anonymous cyber crooks, victims of the ViACrypt Ransomware should use a credible anti-virus software suite to dispose of the corrupted components stored on their computers immediately.