Home Malware Programs Ransomware '.justice File Extension' Ransomware

'.justice File Extension' Ransomware

Posted: February 7, 2018

The '.justice File Extension' Ransomware is a variant of the Jigsaw Ransomware, a Trojan that both locks and deletes files to incentive ransom payments to its threat actor. This variant includes changes for targeting Turkish PC users, although its encryption and data-erasing functions are hazardous to an infected system. This threat's data sabotage functions on a fast-acting and repeating timer and a user should act quickly for disabling and removing the '.justice File Extension' Ransomware with all suitable anti-malware strategies and products.

The Puzzle Piece that Appreciates Ironic Naming Conventions

Another version of one of the most destructive families of file-locker Trojans, the Jigsaw Ransomware, is functional and, most probably, in live deployment against the residents of Turkey. The '.justice File Extension' Ransomware is a mostly minor variant of the original Trojan but does include added, time-based pressure against any users whose files it attacks. Although malware experts have yet to confirm specific targets, the '.justice File Extension' Ransomware's installation tactic is equally appropriate to both recreational and work environments.

The '.justice File Extension' Ransomware hides its installation executable with the pretense of being a miscellaneous, financial document, such as a package delivery-related invoice. Like other versions of the Jigsaw Ransomware, when run, it disguises its local components as parts of the Firefox browser and Dropbox program and begins encrypting a list of dozens of formats of media with an AES cipher. Once it finishes, the '.justice File Extension' Ransomware creates a pop-up that delivers a ransom demand for Bitcoins to decrypt your files and, once again, make them usable.

Malware analysts also spot a change in the '.justice File Extension' Ransomware's file-deleting routine, which is one of the defining parts of the Jigsaw Ransomware family. Besides retaining the ability for deleting files upon system restarts, the '.justice File Extension' Ransomware also deletes files according to the input of a real-time element. However, the original Jigsaw Ransomware only triggered the second attack on an hourly basis. The '.justice File Extension' Ransomware, instead, deletes more files every minute.

Giving a New Name to Justice for Files

The '.justice File Extension' Ransomware's choice of theme and some of the details of its ransom note imply that its threat actors are targeting their victims for political purposes, such as banking institutions. However, so far, malware experts are only capable of verifying the '.justice File Extension' Ransomware's planning its extortion against Turkish speakers. Because of the '.justice File Extension' Ransomware's family being decryptable currently, any users trying to unlock their files should experiment safely with the compatibility of freeware solutions from well-known cybersecurity organizations before considering a ransom payment.

Disabling the '.justice File Extension' Ransomware or preventing it from launching is crucial for eliminating the ongoing data loss that its file-deleting routine is capable of enacting. Malware experts recommend monitoring your PC's memory for unusual 'firefox.exe' and 'drpbx.exe' processes that you should terminate, if possible. Restarting in Safe Mode or booting straight through another device, such as any USB port, can provide additional security against this Trojan's startup processes, until you're ready to delete the '.justice File Extension' Ransomware with the anti-malware program of your choice.

The harsh pace of the '.justice File Extension' Ransomware's attacks could provoke a self-victimizing response from a panicking user. Any PC owners who truly want to save their files should be capable of backing them up perfectly, which places them outside of the '.justice File Extension' Ransomware's purview in the first place.

Loading...