
Besub Ransomware

By CagedTech in Ransomware

The Besub Ransomware is a variant of the STOP (DJVU) family of ransomware. Like most data-locking ransomware, the Besub Ransomware encrypts the files on the infected system and makes them inaccessible. The files cannot be decrypted without a secret key known only to the attackers. Encrypted files have a ".besub" extension appended to their names. Data-locking ransomware usually comes with a ransom note, a file left on the desktop and/or in affected folders. The Besub Ransomware ransom note is usually called "_readme.txt." The Besub Ransomware does not appear to target any specific region or Internet user.

How the Besub Ransomware will Attack Your Computer

The Besub Ransomware is distributed through techniques such as spam email attachments, infected downloadable files and corrupted torrents. The unsafe file may be an executable, or it could be a seemingly innocent MS Office document. Such a document (.doc, .docx, .xls) contains a "macro," which is able to access operating system features like the Windows API. Although it mostly behaves like standard ransomware, some researchers have reported the Besub Ransomware trying to open a Remote Desktop Protocol (RDP) connection, which gives the attackers control of an infected system.

Sample Ransom Note
'ATTENTION!
Don’t worry, you can return all your files!
All your files like photos, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-mlQvroK6UO
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that’s price for you is $490.
Please note that you’ll never restore your data without payment.
Check your e-mail “Spam” folder if you don’t get answer more than 6 hours.
To get this software you need write on our e-mail:
gorentos@bitmessage.ch
Reserve e-mail address to contact us:
ferast@firemail.css
Our Telegram Account:
@datarestore
Your personal ID:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
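
The two indicators this page names, the ".besub" extension and the "_readme.txt" note, are enough to scope the damage on a disk image or backup copy. The following is an added example, not part of the original article: the function names, report layout and sample tree are assumptions made for illustration, and a "_readme.txt" is only counted when it carries the "Your personal ID:" marker seen in the note above, because that file name is also common in legitimate software.

```python
import os
import re
import tempfile

ENCRYPTED_EXT = ".besub"    # extension named on this page
NOTE_NAME = "_readme.txt"   # ransom note file name named on this page
ID_RE = re.compile(r"Your personal ID:\s*(\S+)", re.IGNORECASE)

def parse_note(path):
    """Return the victim ID from a ransom note, or None if absent/unreadable."""
    try:
        with open(path, "r", encoding="utf-8", errors="replace") as fh:
            match = ID_RE.search(fh.read(65536))  # notes are small; cap the read
    except OSError:
        return None
    return match.group(1) if match else None

def triage(root):
    """Walk root and summarise Besub indicators per directory."""
    report = {"encrypted": {}, "notes": [], "ids": set()}
    for dirpath, _dirs, files in os.walk(root):
        hits = sum(f.lower().endswith(ENCRYPTED_EXT) for f in files)
        if hits:
            report["encrypted"][dirpath] = hits
        for name in (f for f in files if f.lower() == NOTE_NAME):
            note_path = os.path.join(dirpath, name)
            victim_id = parse_note(note_path)
            if victim_id:  # benign _readme.txt files lack the marker
                report["notes"].append(note_path)
                report["ids"].add(victim_id)
    return report

def build_sample_tree(root):
    """Constructed sample data: two locked files, one note, one benign readme."""
    docs = os.path.join(root, "Documents")
    os.makedirs(docs)
    for name in ("budget.xlsx.besub", "photo.JPG.BESUB", "notes.txt"):
        open(os.path.join(docs, name), "wb").close()
    with open(os.path.join(docs, "_readme.txt"), "w", encoding="utf-8") as fh:
        fh.write("ATTENTION!\nYour personal ID:\nCONSTRUCTED-SAMPLE-ID-0001\n")
    os.makedirs(os.path.join(root, "project"))
    with open(os.path.join(root, "project", "_readme.txt"), "w") as fh:
        fh.write("Build instructions for the project.\n")
    return docs

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(triage(tmp))
```

Point triage() at a mounted copy of the affected volume rather than the live system, and keep the recovered ID with the incident record.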

Protecting Yourself from the Besub Ransomware

Never download files from unknown sources, whether from the Internet or as an email attachment. Even if a file is attached to an email from a known source, double-check the email address and make sure it is exactly correct. Even when downloading an attachment from an authentic email, make sure the attachment makes sense in context with the email body. Avoid running executable files attached to emails at all costs. Sometimes malware can attach threatening files to an email without the sender's knowledge. Malware can also sometimes be hidden inside a torrent. Do not download torrents from unknown sources and, especially, do not run any executable files they may contain.

If you don't already have anti-malware or anti-virus software installed on your system, please download and install one immediately. Most operating systems come with some anti-virus and anti-malware protection out of the box, but it's your job to keep the virus definitions up-to-date. Any anti-virus or anti-malware is only as good as its virus definitions. Lastly, always back up your data regularly. Even with the best protections and practices, there is always a chance that some corrupted scripts may end up being run on your system. In this case, the only real remedy you have is to start fresh or from a backup. For very important data, it is a good practice to keep a copy in the cloud (where it is stored in multiple locations) or physically on a disk that is not in the same location, or at least not on the same system.

My Device Has Been Infected. What do I do Now?

Some tools and software available online claim to be able to remove malware and even decrypt your encrypted data. While the former may be true, and there are programs that can detect and delete files or other data on your system that are unsafe, it is nearly impossible to recover files encrypted with the encryption the Besub Ransomware uses.
You can try the manual method of putting your computer into "Safe Mode" and then searching for infected or corrupted files and deleting them. However, this will not remove the malware, and the process to accomplish that should only be undertaken by experts or very knowledgeable PC users, as it can cause further loss of data.

Do not agree to pay the ransom or try to contact the attackers. Contacting them could put you at greater risk of further attacks, and there is little to no chance of any paid ransom being honored with decrypted data.
