Beware Of This Fake Ransomware Decryptor. It Makes Things Even Worse!
The research team at MalwareHunterTeam has discovered a fake ransomware decryptor circulating online whose sole purpose is to leave ransomware victims with more problems than they had in the first place.
This fraudulent decryptor preys on users who are already infected with the ransomware called STOP Djvu. That ransomware targets individual people, unlike the more prominent ransomware strains that target businesses.
Researchers have found that running the fake decryptor subjects the victim to another ransomware attack. The fake decryptor disguises itself as a decryptor for the STOP Djvu ransomware.
The fake decryptor is in fact another ransomware, known as Zorab. It infects the user's device and applies an additional layer of encryption to the user's files. This double file encryption is kicking the user while they're already down.
What Is The Fake Ransomware Decryptor And What Does It Do?
The fake ransomware decryptor presents itself as a tool that decrypts files affected by the ransomware called STOP Djvu. STOP Djvu is a strain of ransomware that is currently circulating on the internet. It has infected more victims than some of the most notorious ransomware strains, including DoppelPaymer, Netwalker, Sodinokibi, and Maze.
The ransomware is hidden deep inside infected software cracks. More than 600 people fall victim to it every single day, making it one of the most circulated ransomware strains in over a year.
Older versions of the STOP Djvu decryptors have previously been available online for free, and they worked perfectly fine. Trust in those older versions would have led victims to trust the fake one, since they wouldn't have known to check whether it was a fake decryptor.
When a user downloads the fake decryptor and attempts to run it, the fake decryptor extracts an executable that was hidden inside. The executable, crab.exe, installs the ransomware called Zorab. Zorab encrypts the data a second time, after the first round, and puts a ransom note in every folder that contains an encrypted file.
The ransom note placed within the folders of encrypted files will demand that the victim buy a decryptor from the operator of the ransomware, and it warns them against using a third-party decryptor to try and decrypt the files without paying.
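The behaviour described above (an identical ransom note in every affected folder, and a dropped executable named crab.exe) can be used for triage. The following script is an added example, not code from the article or from any vendor; the directory threshold, the size limit and the sample file names are assumptions, and the sample tree is constructed placeholder data.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

DROPPED_EXE = "crab.exe"   # executable name reported in the article
MIN_DIRS = 3               # assumed threshold, tune for your environment
MAX_NOTE_SIZE = 64 * 1024  # assumed: ransom notes are small text files

def scan(root, min_dirs=MIN_DIRS):
    """Return (repeated_files, dropped_paths) for the tree under root."""
    seen = defaultdict(set)   # (lowercased name, sha256) -> directories
    dropped = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower() == DROPPED_EXE:
                dropped.append(path)
            try:
                if os.path.getsize(path) > MAX_NOTE_SIZE:
                    continue
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                continue  # unreadable or vanished file, skip it
            seen[(name.lower(), digest)].add(dirpath)
    # The same name and content in many folders is the ransom-note pattern.
    repeated = {k: sorted(v) for k, v in seen.items() if len(v) >= min_dirs}
    return repeated, sorted(dropped)

def build_sample_tree(root):
    """Constructed sample: 4 folders with an identical note, one crab.exe."""
    for i in range(4):
        d = os.path.join(root, f"docs{i}")
        os.makedirs(d)
        with open(os.path.join(d, "NOTE-SAMPLE.txt"), "w") as fh:
            fh.write("constructed placeholder note\n")
        with open(os.path.join(d, f"report{i}.dat"), "w") as fh:
            fh.write(f"unique content {i}\n")
    with open(os.path.join(root, "docs0", "crab.exe"), "wb") as fh:
        fh.write(b"placeholder, not a real binary")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        repeated, dropped = scan(tmp)
        for (name, digest), dirs in repeated.items():
            print(f"{name} ({digest[:12]}) repeats in {len(dirs)} folders")
        print("dropped executable candidates:", dropped)
```

Benign files that legitimately repeat across folders will also show up, so treat the output as a list of candidates to review rather than a verdict.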
Emsisoft, a security firm, has released a free genuine Zorab decryptor. This decryptor can help users take back their files and decrypt them. But this decryptor won't get rid of the first malware, the initial STOP Djvu malware.
What Is Ransomware?
Malware that locks you out of your computer, or locks your files behind encryption until you pay a ransom, is known as ransomware. Most of the time, ransomware will encrypt your files. Ransomware is typically distributed as a disguised file.