Since 2018, the ever growing STOP/Djvu Ransomware family has released hundreds of variant strains, quickly becoming one of the most prolific ransomware families in the world. ZATP Ransomware has been uncovered as yet another infection variant from the clan. The ransomware is referred to as ZATP based on the .ZATP extension it uses to append encrypted files. The ransomware operates like its counterparts from the STOP/Djvu Ransomware family and encrypts files before making a ransom demand.
After infiltrating a computer, ZATP Ransomware scans it, looking for user-generated files. It then affects the files that may contain valuable information, including databases, spreadsheets, archives, pictures, and videos. Additionally, the hackers behind ZATP Ransomware deliver a ransom note that contains information about the infection and the hackers’ ransom demands.
Unfortunately, an online decryption tool that would unlock the files encrypted by ZATP Ransomware is not available at the moment, and the only reliable way to recover encrypted files is to restore them from a backup. You could also possibly research other alternative data recovery options. However, there’s no guarantee that alternative data recovery tools will unlock all the encrypted files.
ZATP Ransomware’s operators promise to unlock the affected files for $980. However, they do offer a 50% discount if victims establish communication within 72 hours after encryption. The ransom note also instructs users to contact the criminals via the emails firstname.lastname@example.org and email@example.com. If contacted, ZATP Ransomware’s operators also offer to decrypt one file for free to display they can unlock all the affected files.
How Do I Deal with the ZATP Ransomware Attack?
To protect yourself from the ZATP Ransomware attack, you should practice safe web browsing habits like refraining from opening email attachments from unknown senders and downloading programs from unreliable sources. You should also have a reputable malware remediation tool installed on your computer. That way, you can regularly scan for elements associated with this troublesome ransomware infection and other malware. Also, to reduce the potential damage of a future ransomware infection, please consider backing up your files on an external hard drive or cloud storage.