Simple_Encoder, or Tilde, targets Windows OS and, currently, the method of distribution is unknown. It encrypts specific files using AES encryption and then appends a tilde, or ~, to the encrypted file names. Simple_Encoder/Tilde drops a ransom note named a_RECOVER_INSTRUCTIONS.ini into each folder containing encrypted files. Simple_Encoder/Tilde demands a ransom payment demand of 0.8 Bitcoin.
- Bleeping Computer provides more information about Simple_Encoder/Tilde here.
- The NJCCIC is not currently aware of any decryption tools available for Simple_Encoder/Tilde.