DDOS Ransomware
Another spinoff of the Crysis/Dharma family of ransomware has been spotted by security researchers. The new variant is called the DDOS Ransomware, for lack of a better name. Despite the abbreviation used, the ransomware has nothing to do with a Distributed Denial of Service (DDoS) attack. It is a garden-variety file encryption threat that scrambles valuable data and drops a ransom note on the victim's machine. The name comes from the extension that the ransomware appends to encrypted files.
There are no significant differences between this new fork and the rest of the Crysis/Dharma Ransomware family, but this is largely the case with all variants, as the different groups of bad actors simply redistribute the ransomware with a new ransom demand email. The DDOS Ransomware uses the email address "decripted at cock.li" as its point of contact with victims. There is no specific ransom demand listed in the ransom note; those affected by the DDOS Ransomware are expected to contact the bad actors using this email and receive a personalized ransom demand.
Currently, there is no decryption tool for the DDOS Ransomware. The most reliable defenses against it, as well as against other crypto-threats, are regular backups to external devices and installing a reliable anti-malware suite that can stop the ransomware executable in its tracks before it can cause harm.