Ziggy ransomware admin announces refunds for all targeted victims

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.

The administrators of Ziggy ransomware have reportedly decided to lead an honest life and refund the victims of their ransomware attacks. This historic announcement comes a couple of months after the hacker group decided to shut shop and release decryption keys for free.

As admitted by the ransomware’s operators in statements given to the likes of Bleeping Computer and Threatpost, the Ziggy ransomware gang decided to shut shop in February following a string of law enforcement successes against well-established ransomware gangs, notably Emotet and NetWalker. Gripped by the fear of being next, the ransomware gang quickly released an SQL file with 922 decryption keys that could be used by the victims to unlock their files.

Ziggy is an old-fashioned ransomware variant that only encrypts files before putting up a ransom note on targeted systems. Modern ransomware variants also copy data from hijacked files to enable their operators to blackmail victims by threatening to publish stolen files even if the victims successfully decrypt files on their own.

Recently, Bleeping Computer reported that the Ziggy ransomware gang has decided to issue refunds to all victims. All that victims need to do is to send an email to [email protected][.]pro along with the payment proof and the computer ID. The gang will process the refund to the victim’s bitcoin wallet within two weeks. The admin of Ziggy ransomware also confirmed that the refund will be in Bitcoin at the value on the payment day.

The Ziggy ransomware administrator also told BleepingComputer that they lived in a “third-world country” and had to sell their house off in order to refund the money to their victims. Also, their decision to issue refunds was based on the fear of law enforcement operations targeting their bases. Threatpost received a similar response from the Ziggy admin. “Hello dear. Yes, I’m Ziggy ransomware developer. We decided to return victims’ money because we fear law-enforcement action,” the response read.

Ransomware gangs have made similar promises in the past but it’s best that organisations take their word with a pinch of salt. Last year, after the COVID-19 pandemic engulfed the…