The VSOP ransomware appears to be directly linked to another malware that also demands ransom after stealing data from its victims. Based on the similarities in their attack processes, researchers believe VSOP may be a variant of the Onyx ransomware that was seen in May of this year.
VSOP ransomware has been multiplying victims, whether they are businesses or individuals. Its attacks start with massive email distributions containing links or malicious software.
This way the attackers can take advantage of a lack of attention on the part of the user, who opens the email. Without realizing it, they open a breach in their system.
Once in the system, the attacker releases VSOP ransomware that can scan the environment and detect the most valuable data for encryption. This data is then encrypted using AES and RSA algorithms.
Once encrypted, the original file name is changed and gains the extension “.PPLIT”. Files with this extension become inaccessible to the user.
A ransom note in .txt format is generated by the VSOP ransomware. According to this note, the only way for the victim to review their data would be to pay the cybercriminals a ransom in exchange for a decoder.
As proof of trust, the attackers propose to restore a file of the victim’s choice. This practice is becoming increasingly common, however after the payment is made, the cybercriminals do not always actually send the promised decoder.
What is not said in this ransom note is that there are qualified professionals who specialize in recovering data encrypted by ransomware.
Recover files encrypted by VSOP ransomware
At Digital Recovery, these professionals are on hand to perform the recovery in the best possible way.
With over 23 years of experience in the data recovery industry, our team has had the opportunity to assist hundreds of companies following a ransomware attack.
Our team consists of professionals who specialize in the recovery of data encrypted by ransomware.
Most of the time we work remotely, which means we can take our solution to virtually any company in the world.
So decide not to fund future attacks and contact us to recover your data.