icon-logo
  • Ransomware

Ransomware Pozq

The Pozq ransomware was recently discovered after a sample submission on VirusTotal. After some analysis, evidence was highlighted that Pozq may have a relationship with the Djvu group.

We know that, similar to Djvu, the Pozq ransomware operates using password and banking information theft malware such as Vidar and RedLine, proving that Pozq is a variant of the Djavu ransomware.

Pozq ransomware appears to be targeting Windows operating systems and in most cases the invasion is very simple.

Sending e-mails containing malicious links or attachments, downloading from untrusted sources or even using Trojans. These are the most commonly used ways to break into the victim’s environment.

The Pozq ransomware is then executed and encrypts the data present in the environment by adding the extension “.pozq” to the original file name.

At the end of the encryption process, a text file ” _readme.txt “ is created. This then issues a ransom note informing the victim of the current status of his or her data.

According to the ransom note, all infected files (with the extension .pozq) cannot be opened without the attackers own decryption software. To obtain this tool a ransom of $980 must be paid in bitcoin to the cybercriminals.

This amount is subject to reduction if the victim contacts the attackers within 72 hours of the attack.

To be sure, this situation is oppressive and extremely uncomfortable for the victim. Furthermore, many of the victims may be small businesses, which can consequently impact the organization’s activities.

Today, contacting cybercriminals is no longer the only option for recovering your encrypted data.

Recover files encrypted by Pozq ransomware

In the data recovery industry, Digital Recovery has a wealth of experience. We have had the privilege of helping hundreds of ransomware victimized companies in our 23 years of business.

We have improved and created solutions for recovering encrypted files from databases, virtual machines, servers, RAID systems, and other types of storage.

We understand how sensitive this situation can be, which is why we operate under a confidentiality agreement (NDA) to ensure that our customers’ data is completely secure.

After a ransomware attack, Digital Recovery is the best option.

Our team of experts is available 24/7 to provide the best possible service.

So contact us to recover your data now.

So please contact us to recover your data now.

Editorial Team

Editorial Team

Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.

Digital Recovery helps companies recover data

TALK TO A SPECIALIST

Check out other posts

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Recuperar memoria flash

What is Flash Memory?

Since its invention in the 1980s, Flash memory has revolutionized digital data storage. Essential for mobile devices, digital cameras, storage units and more, it combines

READ MORE →
All Variants
Success Cases
Recover Ransomware

Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Talk to an Expert
Single
Virtual Machine
Storage
Raid System
Special Cases
Database
Tape
Cybersecurity
DIGITAL FORENSIK
4D-Pentest

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery

Talk to an Expert
Choose your country