Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Ransom Notes: README-NOVA.me

----------------------------------------------------------------------------- Ransom -----------------------------------------------------------------------------
-> Hello , without any problems , if you see this Readme its mean you under controll by Nova ransomware , Data stolen and will be leaked if didn't contact us in 48 hours
- encrypted files have ext .[victim_name]NV DON'T TOUCH IT
-> Data from your network will be leaked in 10 days , take action and get in touch please
--- make sure that the best way to less the time for you is contacted us to recover and decrypt your secret data and stop leak operation
-----------------
>>> what we will provide and help with ?
-> we will provide advanced decryptor easy for use and we will return every file or data we delete or stole from your Network
-> we will give you link to download data stolen from your network as plus recover
-> we provide report to how fix your network , and how we gain access and bypass your security, and some advice to up your security
-----------------
>>> contact us here (use tor Browser to access chat): download tor from torproject.org
----------------
Chat system (TOR) join link : http://c43mpmijbb7rrvb3gc2w2hli7haeyrr2jlsl6xguveysfxwkt2iayjqd.onion/chat
put any username to join
----------------
- our session messanger ID (Add ons , please use chat in tor to contact , contact in session if you can't access chat) : 
054f55ec93aca9bac362b9d91eff36a7ce451e7caba47c0b2e004ba429f9529c79 (https://getsession.org)

- also you can use qtox ID : 8E9A6195A769FE7115F087C61D75CF32874C339B3AB0947D07480C9A8A12DA5009151BE6A51F
-----------------
>>> important notes : 
-> please do not touch the files becouse we can't decrypt it if you touch it
-> please contact us today or soon a possible , becouse the leak operation should start , and we will not decrypt or recover you after time
-----------------
- your leak post will be in our Blog : http://novadmrkp4vbk2padk5t6pbxolndceuc7hrcq4mjaoyed6nxsqiuzyyd.onion/

----------------------------------------------------------------------------- Ransom -----------------------------------------------------------------------------
Indicators of Compromise
Type IOC
onion url http://c43mpmijbb7rrvb3gc2w2hli7haeyrr2jlsl6xguveysfxwkt2iayjqd.onion/chat
onion url http://novadmrkp4vbk2padk5t6pbxolndceuc7hrcq4mjaoyed6nxsqiuzyyd.onion/
tox id 8E9A6195A769FE7115F087C61D75CF32874C339B3AB0947D07480C9A8A12DA5009151BE6A51F
session id 054f55ec93aca9bac362b9d91eff36a7ce451e7caba47c0b2e004ba429f9529c79