D0nut Ransomware

Files, such as documents, images, photos, archives, databases, and many others will effectively be locked, and their restoration without knowing the correct decryption keys will be practically impossible. The threat actors responsible for the D0nut Ransomware are financially motivated and will try to extort money from the users or organizations they breach successfully. Apparently, the hackers give their victims 96 hours to establish contact before increasing the size of the ransom they will demand for the restoration of the locked data. Two communication channels are mentioned in the ransom note - using the Tox chat client or visiting a dedicated website hosted on the TOR network. The instructions delivered as HTML files are similar to: Not so long ago, we discovered a serious problem with your network and decided to help you.