Expert Insight On Fake Ransomware Decryptor Capable of Double-Encrypting Files of Desperate Victims

Recently, people who are desperate with the promise of free decryption have been tricked by the spreading fake decryptor for the STOP Djvu Ransomware. What happens is that they are infected with another ransomware worsening their situation instead of having their stolen files back for free.

 

Experts Comments

June 09, 2020
Paul Bischoff
Privacy Advocate
Comparitech
Most of the victims of the fake decryptor are individual users and not enterprises, so there's relatively little news about it despite it being so common. Unlike businesses, individual users are less likely to pay hundreds of dollars for a legitimate decryptor, so they attempt to pirate a cracked version. A "crack" is a copy of software that has been modified to remove copy protection that would otherwise ensure the user has paid for it. The cracked version lures ransomware victims in and.....Read More
Most of the victims of the fake decryptor are individual users and not enterprises, so there's relatively little news about it despite it being so common. Unlike businesses, individual users are less likely to pay hundreds of dollars for a legitimate decryptor, so they attempt to pirate a cracked version. A "crack" is a copy of software that has been modified to remove copy protection that would otherwise ensure the user has paid for it. The cracked version lures ransomware victims in and contains the fake decryptor ransomware, which further encrypts files a second time. Victims are now left with the choice to lose their files, pay two ransoms to cybercriminals, or pay hundreds of dollars for legitimate decryptor software.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.