NullByte Ransomware Virus Infects Users

The new NullByte virus is now infecting computer systems worldwide. The virus follows the now established trend to encrypt files with the AES cipher. The virus demands payment of 0.1 BTC (around $50) which is a bit lower than average, but crooks should receive even a cent for their criminal activities.

How Does the NullByte Ransomware Virus Infect Users?

The NullByte seems like your typical ransomware virus. That doesn’t make it any less dangerous. The distribution methods used by NullByte are the following:

  • Email Spam – The crooks send our emails that include malicious attachments
  • Infected redirects on shady websites

Users should watch out for any emails that look like they were sent from a legitimate company (a bank, software firm, a retail service) but have weird traits about them, like attached ZIP archives, weird URLs that don’t lead to the legitimate sites. An old infection trick has resurfaced recently, urging users to double click on a malicious script pretending to be a thumbnail.

The NullByte Ransomware Virus Up-Close

Once the victim makes the mistake of “contracting” the NullByte virus, their files are going to get encrypted by the ransomware. The encrypted files can’t be accessed without a key, which the crooks are selling for 0,1 BTC. Ransomware viruses always search for particular files like:

  • Videos
  • Photos
  • Audio files
  • Documents

If these files get encrypted by NullByte, they’ll have the _nullbyte file extension at the end of their name. Computers infected with the NullByte virus also get their desktop picture changes to the ransom note of the virus.

Here’s the Note in Its Entirety:

“The All of your personal files is have Been encrypted . Of The only way you CAN the get your information back is to purchase your decryption key of The current price is the set for 0.1 of BTC (USD $ 57.6) and will of the BE released The to you upon successful The completion of your transfer to us Our company wallet address is: [a BTC wallet addres] and the if you are using the a BitCoin Image phone the app, you CAN scan the this QR below code to transfer us Funds. of The more popular BitCoin Image phone-fi apps the include the Circle, Coinbase and Airbitz the to the find Our more information on BitCoins, and what for They are, please do a the youtube search. the To the put in a decryption key the request, please use the application Called Decrypt the Info on your the desktop, IT is the Same application That Opened upon completion of the filesystem encryption. for We to apologize . for the invonvinience and will release your decryption key as soon as you transfer funds to our BitCoin Wallet”

Even though the Nullbyte virus is very dangerous and the encryption of the computer’s files is very disruptive to the everyday usage of the system, users aren’t advised to pay the ransom. The crooks have no obligation to restore the files of the paying customer and can just as easily get their money and not bother keeping their end of the deal.

Here’s a Picture of the Ransomware Note the NullByte Virus Uses:

NullByte Ransomware Virus – Is There a Decryptor?

As of now, no decryptor has been released. Victims of the ransomware virus should try to remove it using specialized software. Paying the ransom isn’t only dangerous for your finances, but the money will go to the development of new viruses, like the new Cerber3 ransomware.

Was this content helpful?

Author : Alex Dimchev

Alex Dimchev is a beat writer for Best Security Search. When he's not busy researching cyber-security matters, he enjoys sports and writing about himself in third person.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *