Esolutions warning: Nozelesn ransomware virus is targeting Poland

Nozelesn ransomware – a virus that uses DHL name in virus spreading emails

Nozelesn ransomware infiltrates your system secretly and makes your files useless. This virus came to Esolutions team’s attention this week. This ransomware has the main purpose of gaining money as typical ransomware. It is known that Nozelsen targets Poland.

This virus encrypts files using AES method and adds .nozelesn file extension. This locks data and user cannot access their files. The only solution here is restoring those locked files from a backup. You should build a file backing routine in case this happens.

After infiltration and file modification ransomware places ransom note on your PC. HOW_FIX_NOZELESN_FILES.htm file contains more information and a whole step-by-step guide on creating payment account. We advise you not to pay this ransom and stay away from cybercriminals at all.

Known  company names trick people into getting ransomware

It appears that many virus developers use names like Paypal, Amazon, FedEx or DHL when creating these cyber infections. Of course, people believe those big names and open attachments or files without thinking it trough.

Lack of knowledge and caution is the main thing that gets people into these frustrating and often dangerous situations. If you know that spam email attachments might be infected with macro-viruses or those purchases from ads can bring malware, you can avoid infections on your PC.

Ransomware acts similarly, but different

Typical ransomware behavior is file encrypting and demanding a ransom for them. Also, file encryption is a process when criminals use either AES or RSA method. This Nozelesn ransomware uses AES encryption method.

There are some differences. Some of these viruses display ransom notes in text files, some on your desktop or just a few sentences in .exe file. In this case, there is a program/site for the payment, but often there is only a suggested site with cryptocurrency wallet provided.

Ransomware is very dangerous because file locking might lead to permanent data loss or if you try to contact these criminals and pay the ransom you can lose money. There is a possibility that virus changes more prominent parts of your PC system so be quick and rely on trustful sources for the solution.

Posted in support.