'.drume File Extension' Ransomware
The '.drume File Extension' Ransomware is a new member of the family called either STOP Ransomware or Djvu Ransomware. File-locking Trojans from this group can block media on your computer by encrypting it, which is their leverage for attempted extortion. Users should withhold their money, if possible, and use appropriate anti-malware solutions for removing the '.drume File Extension' Ransomware before recovering from a backup.
The Drums of War Sound Off for Your Files
A file-locker Trojan from the STOP Ransomware's family is circulating throughout Central European nations like Slovenia, with the same intentions as its ancestors: locking your media for money. The '.drume File Extension' Ransomware, for unknown reasons, changes the name of its ransoming note but doesn't make any corresponding changes to the instructions, as far as malware analysts can determine. Its traits, for now, show it as a minor variant with no ambitious modifications from the default executables that this Ransomware-as-a-Service family generates habitually.
Although its relatives' preceding attacks employed software crack-based tactics immediately, the '.drume File Extension' Ransomware's chosen infection methods are unresolved. The use of the Slovenian word for 'drums' in its extension, however, suggests that it's targeting Europeans of that area, specifically. Threat actors may be installing the '.drume File Extension' Ransomware with the help of torrents, e-mail attachments, or brute-force attacks that are compromising servers' logins.
The '.drume File Extension' Ransomware's successful installation heralds the encryption of various file formats automatically, which makes the files unusable until a decryption process converts them back to normal. The extension of its name is appended to their names, as well, for making identification of what content is up for ransom more straightforward for any victims. Although users can find a copy-pasted version of the ransom note in the new '_open_.txt' file, malware researchers don't recommend paying file-locker Trojans' operators, as a rule.
Silencing the Clamor of Trojan Warfare
Users who disable their Internet connections before the '.drume File Extension' Ransomware completes its encryption routine will force the Trojan's reversion to a built-in, alternate data-encrypting method that could be decryptable by freeware. However, since the '.drume File Extension' Ransomware launches its attacks with limited symptoms, such a scenario isn't likely, for most cases. Having backups on USBs or cloud servers will, in general, be more dependable for keeping your files safe from any ransoming or sabotage attempts.
Mislabeled downloads (especially ones that reference illicit software, such as gaming cracks or key generators) and e-mail attachments like fake financial documents or articles are some of the usual ways that file-locker Trojans circulate. In cases of high-value targets, criminals, also, may brute-force the login for a server and supervise the dropping of the threat directly. Most anti-malware products provide ample security for identifying and removing the '.drume File Extension' Ransomware before it begins its attacks.
While malware researchers don't see the '.drume File Extension' Ransomware's in broad-use around the world, as of late March, its family has proven itself more than adaptable. Anyone using Windows machines without appropriate backups is putting their files at risk of digital warfare for no real reason.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.