03-19-2022 , 02:19 PM
Diavol encrypts victim's files and appends the extension ".lock64".
Below is an example ransom note:
README_FOR_9B1D77DE-2FC4-4746-8C7C-95C0EFF2AF08.txt
# What happened? #
Your network was ATTACKED, your computers and servers were LOCKED.
You need to buy decryption tool for restore the network.
Take into consideration that we have also downloaded data from your network that in case of not making payment will be published on our news website.
# How to get my files back? #
1. Download Tor Browser and install it.
2. Open the Tor Browser and visit our website - https://r2gttyb5vqu6swf5.onion/[redacted]/[redacted]
Tor Browser may be block in your country or corporate network. Try to use Tor over VPN!
SOURCE
Below is an example ransom note:
README_FOR_9B1D77DE-2FC4-4746-8C7C-95C0EFF2AF08.txt
# What happened? #
Your network was ATTACKED, your computers and servers were LOCKED.
You need to buy decryption tool for restore the network.
Take into consideration that we have also downloaded data from your network that in case of not making payment will be published on our news website.
# How to get my files back? #
1. Download Tor Browser and install it.
2. Open the Tor Browser and visit our website - https://r2gttyb5vqu6swf5.onion/[redacted]/[redacted]
Tor Browser may be block in your country or corporate network. Try to use Tor over VPN!
SOURCE