FANDOM


Zeropadypt is a ransomware that runs on Microsoft Windows. The activity of zeropadypt came at the beginning of April 2019.

Payload

Transmission

It can be spread by hacking through an unprotected RDP configuration, using email spam and malicious attachments, fraudulent downloads, botnets, exploits, web injections, fake updates, repackaged and infected installers.

Infection

Zeropadypt does not encrypt anything, but  fills the contents of the files with zeros, and then requires that an extortionist write an email to pay a ransom to return the files.

It then opens a ransom note named "READ-Me-Now" which says:

Your the All Files the Encrypted  
For the Data Decrypt Your Contact Me:  asmo49@asmodeus.us 
Your ID for Decryption:  r4o7x ***** 
the If You Decrypt the Try your file and damage IT is Gonna Cost Price more You to Decrypt  
you can Send 1MB Data For Decryption Test

                                                                                                       

Community content is available under CC-BY-SA unless otherwise noted.