
Truke Ransomware

Posted: June 24, 2019

The Truke Ransomware is a file-locking Trojan from the STOP Ransomware or Djvu Ransomware family. Along with other features, it can block the media on your computer by encrypting it, remove some backups, and leave behind ransom demands. Appropriate storage of backups can mitigate damages from its attacks, and many anti-malware solutions should delete the Truke Ransomware safely.

The Trojans Conducting Their Hunts for Files Over Borders

The STOP Ransomware family delivers the tools for attacks through different threat actors around the world, and many of its new additions only emphasize the universal danger that it represents. Malware experts are identifying victims of another version, which, like most members of the collective since the Muslat Ransomware, is post-1.0. The Truke Ransomware is collecting possible ransoms from users in India, Thailand and the Philippines – which means that it's sharing competitive space with relatives like the India-razing Davda Ransomware and the Vesad Ransomware or Thailand's Horon Ransomware.

The Truke Ransomware is, despite a version number of 1.05, not an enormous departure from the payloads of 2019 versions of the STOP Ransomware. The Truke Ransomware can block digital media, including documents, music, archives, or pictures, and adds its extension of 'truke' at the ends of their names after doing so. The Truke Ransomware may use a static or dynamic locking method, with a preference for the former, if it can connect to its server. Users who disable internet connections as soon as infections are suspected may, therefore, save their files from an impenetrable encryption attack.

Like almost all Ransomware-as-a-Service operations, the Truke Ransomware also removes the Shadow Volume Copies for the Windows Restore Points and may even block some websites like Microsoft's domain. The latter is the most easily recoverable of its attacks, since users can repair the Hosts file that the Truke Ransomware modifies relatively painlessly.
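The Hosts file repair mentioned above can be checked with a short audit. This is an added example, not code from the original article: it assumes the blocking entries pin site names to a loopback or unspecified address, and the function names and sample file are constructed for illustration.

```python
import ipaddress

# Names a default hosts file legitimately maps to the local machine.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Constructed sample, not captured from an infected host.
SAMPLE = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       microsoft.com www.microsoft.com
0.0.0.0         av-vendor.example   # constructed entry
192.168.1.20    nas.home.example
"""

def is_sinkhole(addr):
    """True for loopback or unspecified addresses (127.0.0.0/8, ::1, 0.0.0.0, ::)."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return ip.is_loopback or ip.is_unspecified

def audit_hosts(text):
    """Return (suspicious, cleaned_text) for the contents of a hosts file.

    suspicious lists (line_number, address, hostname) for every non-local name
    pinned to a sinkhole address; cleaned_text drops those names and keeps
    comments and all other entries unchanged.
    """
    suspicious, kept = [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        fields = raw.partition("#")[0].split()
        bad = []
        if len(fields) >= 2 and is_sinkhole(fields[0]):
            bad = [n for n in fields[1:] if n.lower() not in LOCAL_NAMES]
        if not bad:
            kept.append(raw)  # untouched: comment, blank, or benign entry
            continue
        suspicious += [(lineno, fields[0], n) for n in bad]
        good = [n for n in fields[1:] if n not in bad]
        if good:  # keep any legitimate names that shared the line
            kept.append(fields[0] + " " + " ".join(good))
    return suspicious, "\n".join(kept) + "\n"

if __name__ == "__main__":
    hits, cleaned = audit_hosts(SAMPLE)
    for lineno, addr, name in hits:
        print(f"line {lineno}: {name} -> {addr}")
```

On Windows the file to audit is `%SystemRoot%\System32\drivers\etc\hosts`. Legitimate blocklists also use sinkhole entries, so review the flagged names before writing the cleaned text back.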

Keeping on Trucking in a Trojan-Filled World

The Truke Ransomware's family is a security risk both to Windows users' individual computers and to servers that lack sufficient security against attacks of opportunity. The latter are commonly compromised through password-cracking brute-force attacks or by the exploitation of patchable vulnerabilities in software. Infections of the former, on the other hand, typically trace back to downloads from unsafe sources, such as e-mail, torrents or illegitimate websites.

Malware experts stress the usefulness of backup protocols for preventing the Truke Ransomware's attacks from causing any undue damage. Save your backup work to another device or a cloud service, if possible, and update it routinely. The decryption solutions for the Truke Ransomware's family are only compatible with the 'easier,' offline version of its encryption.

In general, roughly two-thirds of the cyber-security sector's anti-malware brands can identify even new versions of this Trojan's family. Anti-malware solutions always are preferable for uninstalling the Truke Ransomware or stopping infections but can't unlock the files afterward.

The Truke Ransomware has a solid track record of expanding its base of victims. Ideally, those victimized individuals aren't paying the ransom – since doing so would pave the road for more like them.
