Guster Ransomware Overview[]
The Guster ransomware is a new malware threat which uses distacting screnlocker feature. According to the security analysis that has been performed by the experts the virus is a scareware. It doesn't actually encrypt user files however it does extort the victims for a ransomware payment of 0.4 Bitcoins.
Upon infection the virus presents a screenlocker to the victim which prohibits normal interaction with the computer.
Guster Ransomware Note[]
All your files (documents, videos, photos, musics, pdfs, etc) have been encrypted with a strong military cryptography
The only way you have to get your files back to you, is paying a fee of 0.4 bitcoins, which worth something about 300.00 USD.
You can buy bitcoins in various sites all over the web, like localbitcoins.com and various others. If you try to delete me or something funny.
I SWEAR I’ll blow up your whole files and you’re never going to see it again.
It’s serious!
You have 48 hours to pay me these bitcoins or you’ll never get to see yous files again! You’re warned!
Follow these steps in order to get your files back:
1. Go to a Bitcoin exchange site and buy exactly 0.4 BTCs
1.1 You can take a look at some of these sort of sites here: https://www.bestbitcoinexchange.io/
2. Send an email with your ID to nucklearsupport@yandex.ru
3. Wait for a email-reply with more instructions
3.1 – It may take about 6-8 hours, if it takes more than that, send the email again. FAAAST!
3.2 – Remember! You have only 48 hours, so you better hurry up!
4. After following all the steps (including email reply steps), you’ll get the PASSWORD to decryption
5. Type the password in the indicated field
6. Click on ‘Decrypt!’
7. It’s done. Your files will be decrypted!
Your ID: XXXXXXXXXXXXXXx
Guster Ransomware Distribution[]
The file is distributed as a infected binary file which is distributed via the usual infection strategies: spam email messages, browser hijackers, malicious ads and etc.