Шифровальщик Stampado Ransomware

[pimenov]

Добрый день!
Пришел на почту вирус: Stampado Ransomware
После его запуска зашифровались файлы и появился текстовый файл How to recover my files:
Много букв:

All your files have been encrypted!

All your documents (databases, texts, images, videos, musics etc.) were encrypted. The encryption was done using a secret key 
that is now on our servers.

To decrypt your files you will need to buy the secret key from us. We are the only on the world who can provide this for you.

Note that every 6 hours, a random file is permanently deleted. The faster you are, the less files you will lose.

Also, in 96 hours, the key will be permanently deleted and there will be no way of recovering your files.

What can I do?

Contact us by email telling your ID (below) and wait for us to send the instructions.

Contact us by: ћТИћ

As a proof, you can send one encrypted file, so we will send it back decrypted. Use it as a guarantee that we can decrypt your files.

Предыстория: письмо пришло сначала с адреса:babylonelite16@gmail.com
Но в нём фигурировали адреса: admin_babylongaming@mail2tor.com и support_babylongaming@mail2tor.com.
Затем пришло такое письмо:
We had issues with the last 2 uploads it seems we had been infected with a
malware with a message to email stampedosupport16@mail2tor.com
to get files unlocked.
we have fixed the issues now and this is fully working and tested
You will need to turn off windows defender and add the file as an
exception in your AV or turn it off
this new update will install over the last one and remove any issues.
i would try web installer first as its more stable at the moment

this is the new link :

download: https://mega.nz/#!fJcyjRgK
decryption key : !ALEOnoLr5dW7RHaD8aOrG5uPJyPGvuv03mX8Vi9EGtw

Password to the rar file is : gaming

Шантаж о расшифровки файлов идет с адреса: stampedosupport16@mail2tor.com

Письмо от злоумышленника с вымогательством (от stampedosupport16@mail2tor.com):
you havE been hacked by h4ckse7en
you havE been sent here from hacked account/software/email which has
encypted your personal files
this can only be unlockd by us - attempts to remove it will leave files
permantly encrypted
you havE 96 hours untll all files are permantly crypted
unlock this you need 2 pay for your key which is unique to each ID

PAYMENT BY BITCOIN ONLY

PERSONAL COMPUTERS:

0.5 BITCOINS

BUSINESS COMPUTERS:

pay within 0-24hrs: 1.50 bitcoin
pay within 24-48hrs: 3.50 bitcoin
pay within 48-72hrs: 6.00 bitcoin
pay within 72-96hrs: 10.00 bitcoin

After 96 hours files can not be retrieved

WE CAN CHECK FILES AND ID IF YOU ARE A BUSINESS . IF A BUSINESS PAY FOR
PERSONAL COMPUTER RATE
THERE FILES MAY BE LOCKED PERMANTLY. BE AWARE


To buy bitcoins search google. localbitcoins is fastest, after buying
bitcoins they will be in your wallet in
account on the site.


send the bitcoins to the wallet address: 15dVCqnjV9NzontYkzFzebTJWNUU5WrfK8

****************************************************
once you havE paid send an email to stampedopayment@mail2tor.com with
PAID and your ID in the title to recieve your unlock key
include also transaction id and your email address in the email to prove
payment .
***************************************************

NO EMAILS WILL BE REPLIED TO AT THIS ADDRESS

stampedopayment@mail2tor.com will only respond to emails marked PAID
with a valid transaction ID

we do not negotiate. Do not beg or Haggle. this is a set price to release
your key.
otherwise you lose all files. this has also infected your USB port so
network keys and external harddrives are also infected.

if you can not pay you have to work. you have to infect 20 computers.
h4ckse7en

Куда можно пожаловаться на мошенников?
И подскажите, как возможно расшифровать мои файлы, зная id? С помощью decrypt_stampado  ничего не получилось.

Изменено 31 августа, 2016 пользователем Sandor

[Sandor]

Здравствуйте!

 

 

 

Куда можно пожаловаться на мошенников?

Ознакомьтесь со статьей.

 

Здесь же прочтите и выполните Порядок оформления запроса о помощи