NZMR ransomware asks for half a thousand US dollars as a ransom

NZMR ransomware is a malicious computer virus[1] that encrypts files and demands $500 as a ransom. The ransomware is based on open-source viruses EDA2 and HiddenTear. After encrypting all files, the virus provides the message from the victims by dropping the ransom.jpg file. This file contains a message that says:
All file this computer is crypt
If you want to recover your files before they are removed. You have 24 hours to send $ 500 to the direction of Bitcoin that is indicated below:
Address: [redacted]
Once you make the sending contact by email to the soguiente address:
Email: sporter4499@protonmail.comProvide your data for the recovery of locked files
Thank you very much
Team NZMR
As you can see, the ransom note suggests writing to sporter4499@protonmail.com to get the decryptor. However, currently, it is unknown whether cybercriminals provide the decryption tools or not. At the moment of writing this article, the Bitcoin wallet[2] associated with NZMR ransomware hasn’t received any Bitcoins and was completely empty.
When files get encrypted by ransomware, the victim has to decide whether to pay the ransom or not. We tend to suggest not to pay the ransom because of the risk of losing money along with files. Sadly, files encrypted by this ransomware cannot be recovered using any third-party tools (at least at the moment of writing), but you can always use a data backup.
Before restoring your files, you have to remove NZMR virus. To complete this task, we strongly recommend using an anti-spyware tool like FortectIntego. If you’d like to see more alternatives, check out the “Software” page on our site.

Distribution of the virus
NZMR ransomware is distributed in a traditional and the most popular way of malware distribution. Cyber criminals create malicious files that function as intermediates that download the ransomware to the computer. It can be a document that contains a malicious Macro function, JavaScript or another compromised file.
Obviously, to protect yourself from such files, you should never open suspicious email attachments or URLs sent to you by strangers. However, ransomware can be installed on your computer by exploiting software vulnerabilities in your PC. To patch these vulnerabilities, continuously update programs.
Finally, to protect your files from a fearsome encryption procedure, create a backup and employ a powerful anti-malware software to protect your PC. We also recommend you to follow the news on Virus Activity site[3] to know more about the latest malware and spyware samples.
Deleting NZMR ransomware virus
Remove NZMR virus as soon as you can because only then you will get a chance to use your computer without worries again. Please understand that ransomware is no regular program and it cannot be uninstalled traditionally. Each ransomware is different and contains various files, so using anti-malware software would be the best idea.
Another reason why we recommend using anti-malware programs is that they are developed by security experts that analyze each virus individually and put up the latest information about them to security programs.
This makes those security products capable of detecting the latest security threats. Please, do not even consider the manual NZMR removal option unless you are extremely experienced IT professional.
Was this guide helpful?
Be the first to comment