Recently, people who are desperate with the promise of free decryption have been tricked by the spreading fake decryptor for the STOP Djvu Ransomware. What happens is that they are infected with another ransomware worsening their situation instead of having their stolen files back for free.
Most of the victims of the fake decryptor are individual users and not enterprises, so there\’s relatively little news about it despite it being so common. Unlike businesses, individual users are less likely to pay hundreds of dollars for a legitimate decryptor, so they attempt to pirate a cracked version. A \”crack\” is a copy of software that has been modified to remove copy protection that would otherwise ensure the user has paid for it. The cracked version lures ransomware victims in and contains the fake decryptor ransomware, which further encrypts files a second time. Victims are now left with the choice to lose their files, pay two ransoms to cybercriminals, or pay hundreds of dollars for legitimate decryptor software.