
B2DR Ransomware

By GoldSparrow in Ransomware

The B2DR Ransomware is an encryption ransomware Trojan that was first observed on March 26, 2018. The B2DR Ransomware works like most encryption ransomware Trojans, making the victim's files inaccessible and then demanding a ransom in exchange for restoring access to the affected files. The B2DR Ransomware, like most encryption ransomware Trojans in action today, is delivered to victims via corrupted spam email attachments, which take the form of Microsoft Word documents with bad embedded macro scripts. Once the victim downloads the file, the B2DR Ransomware is downloaded and installed on the victim's computer.

How the B2DR Ransomware Carries out Its Attack

The B2DR Ransomware scans the victim's computer and encrypts files on all local drives and external memory devices connected to the infected computer. The B2DR Ransomware uses AES 256 and RSA 1024 encryption to make the victim's files inaccessible, and connects to its Command and Control servers to relay information about the infected computer. The B2DR Ransomware adds a new file extension to each affected file's name. This file extension includes the B2DR Ransomware's contact email and consists of the following string:

The B2DR Ransomware, like most encryption ransomware Trojans today, targets user-generated files while avoiding Windows system files and executable files. The B2DR Ransomware does this so that the victim's operating system remains functional enough to allow the victim to contact the con artists and pay the ransom. Threats like the B2DR Ransomware will try to take the victim's photos, audio, documents, spreadsheets, databases, and other important personal and professional documents hostage. The following are some of the file types that may be affected by threats like the B2DR Ransomware:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.

The B2DR Ransomware delivers its ransom note in the form of a text file named 'readme.txt,' which contains the following message:

'All your files are encrypted.
Ask how to restore your files by email bronmerkberpa1976@protonmail[.]com
Use only gmail[.]com, yahoo[.]com, protonmail[.]com.
Messages written from other mail services we can not get.
!!!With any changes to the encrypted files, do not forget to backup files!!!

Do not contact the people associated with the B2DR Ransomware or pay the B2DR Ransomware ransom. Paying may bring nothing in return, since the con artists do not help the victims restore their files in the majority of cases; the extortionists will either ignore the victim or demand even more money.
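The two artifacts described above, the 'readme.txt' note and file names that carry the contact email, can be used to scope which folders were hit. The following triage script is an added example, not part of the original article; the function names and the sample tree are constructed, and it assumes the appended extension holds the contact address verbatim, since the exact extension format is not given here.

```python
import os
import tempfile

# Indicators from the page: note file name, two phrases from the note text,
# and the contact address (the page prints it defanged with "[.]").
NOTE_NAME = "readme.txt"
NOTE_PHRASES = ("all your files are encrypted",
                "ask how to restore your files by email")
CONTACT = "bronmerkberpa1976@protonmail.com"

def is_ransom_note(path):
    """True if the file is named readme.txt and holds every note phrase."""
    if os.path.basename(path).lower() != NOTE_NAME:
        return False
    try:
        with open(path, "r", encoding="utf-8", errors="replace") as fh:
            text = fh.read(4096).lower()
    except OSError:
        return False  # unreadable file: cannot confirm, so do not flag
    return all(phrase in text for phrase in NOTE_PHRASES)

def has_contact_suffix(name):
    """True if the contact address appears after the start of the file name.
    Assumption: the appended extension holds the address verbatim; the page
    does not give the exact extension format."""
    return name.lower().find(CONTACT) > 0

def triage(root):
    """Map each affected directory to the notes and renamed files found."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        notes = sorted(f for f in files if is_ransom_note(os.path.join(dirpath, f)))
        renamed = sorted(f for f in files if has_contact_suffix(f))
        if notes or renamed:
            report[os.path.relpath(dirpath, root)] = {"notes": notes, "renamed": renamed}
    return report

def build_sample_tree(root):
    """Constructed sample data: one affected folder, one clean folder."""
    hit, clean = os.path.join(root, "docs"), os.path.join(root, "src")
    os.makedirs(hit)
    os.makedirs(clean)
    with open(os.path.join(hit, "readme.txt"), "w") as fh:
        fh.write("All your files are encrypted.\nAsk how to restore your files by email " + CONTACT + "\n")
    open(os.path.join(hit, "report.docx." + CONTACT), "w").close()  # constructed name
    with open(os.path.join(clean, "readme.txt"), "w") as fh:
        fh.write("Build instructions for the project.\n")
```

Requiring both note phrases keeps ordinary 'readme.txt' files, which are common in software folders, out of the report.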

Protecting Your Data from Threats Like the B2DR Ransomware

The best protection against threats like the B2DR Ransomware is to have file backups on cloud storage or an external memory device. Having file backups means that there is no need to contact the cybercrooks or pay the B2DR Ransomware ransom, since the affected files can be restored easily. Computer users who run a strong security program that is fully up-to-date can protect their computers from threats like the B2DR Ransomware. They should also take steps to protect their data from social engineering tactics. Since threats like the B2DR Ransomware are distributed using corrupted email tactics, learning to recognize these tactics is a big part of protecting your data and staying safe.

