It says that after joining that Discord server victims will receive a token that will decrypt files (that token allows Hog ransomware to verify whether victims have joined their server or not). Hog's ransom note instructs victims to join a Discord server via the provided the "Discord Server" link. It also explains that by trying to remove that extension from filenames victims could damage their files irreversibly. Hog's ransom note explains that victims cannot access their files because they are encrypted using AES-256 encryption algorithm and all of them now have the ".hog" extension. Most ransomware variants display (or create) a ransom note to provide information like price of a decryption key, software, contact details (usually one two email addresses), cryptocurrency wallet address, and other information. Like most ransomware variants, this one displays a ransom note (launches the " DECRYPT-MY-FILES.exe" file). hog" extension to their filenames.įor instance, Hog renames a file named " 1.jpg" to " 1.jpg.hog", " 2.jpg" to " 2.jpg.hog", and so on. It also renames all encrypted files by appending the ". Hog ransomware is a type of malware that does not allow victims to access or use their files by encrypting them and keeps those files inaccessible unless victims join a Discord server.
0 kommentar(er)
