
DDOS Ransomware

Posted: May 17, 2019

Another spinoff of the Crysis/Dharma family of ransomware has been spotted by security researchers. The new variant is called the DDOS Ransomware, for lack of a better name. Despite the abbreviation, the ransomware has nothing to do with Distributed Denial of Service (DDoS) attacks. It is a garden-variety file encryption threat that scrambles valuable data and drops a ransom note on the victim's machine. The name comes from the extension that the ransomware appends to encrypted files.

There are no significant differences between this new fork and other versions of the Crysis/Dharma Ransomware, which is largely the case with all variants, as the different groups of bad actors simply redistribute the ransomware with a new contact email address. The DDOS Ransomware uses the email address "decripted at cock.li" as its point of contact with victims. The ransom note lists no specific ransom amount. Those affected by the DDOS Ransomware are expected to contact the bad actors at this address and receive a personalized ransom demand.

Currently, there is no decryption tool for the DDOS Ransomware. The most reliable defenses against it, as well as against other crypto-threats, are making regular backups to external devices and installing a reliable anti-malware suite that can stop the ransomware executable before it can cause harm.
