Nuke ransomware targets Windows OS and its distribution method is currently unknown. It uses AES-256 to encrypt files and appends .nuclear55 to file names after renaming the files to a random set of characters. Nuke then generates two ransom notes, !!_RECOVERY_instructions_!!.html and !!_RECOVERY_instructions_!!.txt and then changes the desktop wallpaper. Although it does not provide any payment instructions and no ransom amount is listed on the notes, Nuke provides an email address for the victim to use to contact the attacker in order to arrange payment. It also threatens to destroy the decryption key if payment is not received within 96 hours. The ransom payment demand for Nuke is currently unknown.
- PC Risk provides more information about Nuke here.
- The NJCCIC is not currently aware of any free decryption tool available for Nuke.