DearCry Ransomware
Over the past week, Microsoft Exchange Mail Servers have been under attack by a new ransomware family tracked under the name DearCry. The criminals behind the attack campaign are exploiting four new vulnerabilities that Microsoft has already patched – however, users who have failed to update their software may still be at risk of having their systems compromised. The DearCry Ransomware is in no way associated with the WannaCry Ransomware – its creators are simply piggybacking on the popularity of the infamous ransomware family.
The DearCry Ransomware uses a flawless file-locking mechanism, and it targets a wide range of file extensions to inflict maximum damage. It encrypts the contents of the file, and also adds the header 'DEARCRY!' Just like other ransomware, it uses a custom file extension to modify the names of damaged files – 'CRYPT.'
After completing its attack, the DearCry Ransomware drops the ransom note 'readme.txt' on the desktop. It tells the victim to contact konedieyp@airmail.cc or uenwonken@memail.com for assistance. As expected, contacting the attackers is only the start – they will then extort their victim for money by promising to give them access to a decryptor, but only if they agree to pay a ransom fee.
Unfortunately, free decryption is impossible, and the only reliable way to recover the lost files is to recover them via a backup. If a backup is not available, users can explore alternative data recovery options.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.