What is Powd ransomware?
Powd is a computer virus in the STOP/Djvu family, one that falls under the ransomware category. Very roughly speaking, this means that it steals files from the computers it infects, and demands payment to give them back. To be more specific, files don’t get actually stolen, they’re digital after all. Instead, Powd encrypts them with a cryptographic algorithm. This means that they cannot be opened, or edited, or accessed in any way, until they’re decrypted. But to decrypt the files, a cryptographic key (a password essentially) is needed. The virus will tell this password to the hacker, but, of course, not to the victim. The victim will instead receive a ransom note demanding pay.
Powd ransom note, “_readme.txt”, doesn’t contain much valuable information; most of it is dedicated to psychological tricks. Still, it mentions the price of getting the files back: $980. A discount is also offered, though that should be considered one of the aforementioned tricks. The full text of the note can be read on the image above. Powd also renames the files after encrypting them; they receive .powd file extension.
Paying the hackers is not advised. It is, of course, expensive, but you also have no real guarantee that they will give you your files back. You may explore alternative ways to remove Powd ransomware and decrypt .powd files in the guide below.