Threat Database Ransomware D0n Ransomware

D0n Ransomware

The D0n Ransomware is a threatening software that is designed to encrypt files on an infected computer and append their names with a victim's ID, the dong@techmail.info email address and the '.d0n' extension. It is a new variant of the Dharma Ransomware. In addition, the threat drops an 'info.txt' file containing ransom notes and displays a pop-up window with further instructions for paying the ransom.

The ransom notes that the victims have received stipulate that they should contact 'dong@airmail.cc,' 'dong@techmail.info' or 'buhelper@proton.me' to regain access to their data. The particular message from D0n Ransomware's pop-up window further states that three encrypted files can be decrypted free of charge before any sort of payment is made. In addition, it cautions them against renaming the locked files or utilizing third-party software to decrypt the data since this could result in irreversible damage.

How Most Ransomware is Spread?

Most ransomware is spread through corrupted email attachments, compromised links and drive-by downloads. Corrupted emails often appear to be from a genuine source, such as a bank or government agency, and contain an attachment that carries a threatening payload. When the users open the attachment, the malware is executed on their computers.

Compromised links are also used to spread ransomware. These links can be sent via email, social media or instant messaging. Clicking on the link, users are taken to a deceitful website that downloads and installs the ransomware on their computers.

Finally, ransomware also can be spread through unsafe advertisements or software vulnerabilities. Corrupted advertisements are often found on websites and can download ransomware onto the users' computers when they click on them. Software vulnerabilities are weaknesses in a program that can be exploited by attackers to install malware, including ransomware, onto a user's computer.

How to Protect Yourself from Ransomware Infections?

Ransomware is a type of threatening software that can infect your computer and encrypt your data, making it inaccessible until you pay a ransom. To protect your machine from ransomware infections, it is important to keep your computer updated and only download files from official sources. Be wary of suspicious emails with attachments or links, and avoid opening emails from unknown senders or with suspicious content. Scanning your computer regularly can help detect any ransomware infections and remove them quickly. It also is important to avoid using cracked or unknown software, as these could be infected with ransomware. Research any software before downloading it to ensure it is safe.

The ransom note shown as a pop-up window:

'All your files have been encrypted!
Don't worry, you can return all your files!
If you want to restore them, write to the mail: buhelper@proton.me : dong@techmail.info YOUR ID -
If you have not answered by mail within 12 hours, write to us by another mail:dong@airmail.cc
Free decryption as guarantee
Before paying you can send us up to 3 files for free decryption. The total size of files must be less than 3Mb (non archived), and files should not contain valuable information. (databases,backups, large excel sheets, etc.)
How to obtain Bitcoins
The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click 'Buy bitcoins', and select the seller by payment method and price.
hxxps://localbitcoins.com/buy_bitcoins
Also you can find other places to buy Bitcoins and beginners guide here:
hxxp://www.coindesk.com/information/how-can-i-buy-bitcoins/
Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'

Instructions delivered as a text file:

'all your data has been locked us
You want to return?
write email dong@airmail.cc or buhelper@proton.me'

Related Posts

Trending

Most Viewed

Loading...