Ransomware - JuicyLemon

JuicyLemon is known to have debuted in mid-2016 when a user in the BleepingComputer's forums reported that their files had been encrypted. With the help of ransomware researchers, they revealed that the ransomware that infected this user's machine - along with a few others -  is JuicyLemon. The name is derived from one of the emails the ransomware operators used to extort victims - support@juicylemon[.]biz. They also used another email for extortions as well as the Bitmessage service. These communication mediums were also used as strings in the abnormally long file extension the operators used after encrypting files with AES-256. Thankfully, a user in the same BleepingComputer's Forums named BloodDolly created a decryptor for JuicyLemon and any of its successors. One of which is PizzaCrypts, in which the decryptor works on it too. Public technical analyses of this ransomware show that the operators used exploit kits (EKs) to deliver their payloads. Specifically, they're known to have used the Angler and Neutrino EKs. Aside from that, the JuicyLemon operators are known to have asked for 1000 Euro as an extortion amount, but the currency they prefer is Bitcoin (BTC).