The Sequre Ransomware (based on the CryptoConsole Ransomware or also known as the Uncrypte Ransomware) is a threatening file-locker whose sole purpose is to encrypt all files they can on the attacked computer. The threat does this to be able to offer a pricy file recovery option, which victims can take advantage of to get their data back. The authors of the Sequre Ransomware have set the price of the decryptor to 0.14 BTC but, thankfully, paying the price might not be needed since malware researchers have managed to crack the Sequre Ransomware’s encryption successfully and they have released a fully functional piece of file-decryption software.
The authors of the Sequre Ransomware seem to have plagiarized the design choices used by the authors of the Globe Ransomware when it comes to the ransom note. Although both threats use identical styles for their ransom messages, you can rest assured that the way they operate is completely different. It is likely that the Sequre Ransomware is being spread with the help of corrupted e-mail messages, which contain a cleverly disguised payload.
When the Sequre Ransomware is launched on an unprotected PC, the threat will start to work in a background process, therefore allowing it to cause the maximum amount of damage before it reveals its presence. The attackers provide the ransom message via a file ‘HOW DECRIPT FILES.hta,’ which should be available on the desktop when the attack is complete. The victims also might notice another change regarding the names of their files – all corrupted files will have the extension ‘[email protected]_[RANDOM 9 CHARACTERS A-Z and 0-9].’ A separate variant of the Sequre Ransomware appears to use an alternative e-mail address for contact – [email protected]
Victims of the Sequre Ransomware should be able to get their files back by using a credible anti-malware tool to dispose of the threatening application. Then, they need to download the ‘CryptoConsole Decrypter,’ which is compatible with the current version of the Sequre Ransomware.