The STOP/Djvu Ransomware family expands further with the introduction of another variant known as Nqhd Ransomware. There is a good reason why cybercriminals continue to favor this particular ransomware family as they can rapidly produce potent ransomware threats without the need to make significant modifications or improvements.
Nqhd Ransomware received its name from the ‘.Nqhd’ suffix that it appends to the affected files. This ransomware strain works identically as the other members of the STOP/Djvu Ransomware family. The same applies to the program’s distribution as Nqhd Ransomware spreads mostly via spam emails, phishing messages, social engineering, and compromised websites.
The Nqhd Ransomware Experience
Users will unknowingly download Nqhd Ransomware and suddenly find their files have been encrypted and are now inaccessible. Affected files will be appended with the ‘.nqhd’ file extension and victims will find a ransom note on their desktop in the form of the ‘_readme.text’ document. The cybercriminals behind Nqhd Ransomware request a payment of $980 for file decryption, but they are willing to lower that price to $490 in return for payment within 72 hours.
The hackers also provide victims with contact information in the form of two emails, email@example.com and firstname.lastname@example.org. Victims are instructed to send one file to be decrypted for free as proof that the ransomware operators can unlock the victims’ files after receiving payment.
As always, we strongly recommend that victims do not communicate with the hackers and refrain from paying any ransom, as paying does not guarantee that victims will receive a decryption tool.
Surviving a Nqhd Ransomware Attack
In general, we strongly recommend users keep backups of their valuable files on removable storage devices or via a cloud storage service to mitigate the troubling consequences caused by ransomware infections. But if you should find yourself infected by Nqhd Ransomware, we recommend that you use a reputable anti-malware tool to scan for and remove the elements related to this nasty infection.