
DataKeeper Ransomware

By GoldSparrow in Ransomware

The DataKeeper Ransomware is an encryption ransomware Trojan. Threats of this kind take the victims' files hostage by encrypting them with a strong encryption algorithm, making the files inaccessible until the victim pays a ransom. The DataKeeper Ransomware is offered through a Ransomware as a Service (RaaS) platform. These services are offered by cybercrooks to allow anyone to create their own customized ransomware Trojan easily. The people who hire the DataKeeper Ransomware then only have to be concerned with distributing the threat, while the DataKeeper Ransomware's creators manage the ransom payments and the logistics of keeping the software updated and effective.

Some Details about the DataKeeper Ransomware Attack

The DataKeeper Ransomware was first observed on February 21, 2018. PC security researchers observed a website on the Dark Web that allowed anyone interested in using the DataKeeper Ransomware to create a customized copy of it and download it for distribution. The DataKeeper Ransomware is free to download and use and does not rely on Command and Control servers, allowing it to run even when the infected computer is offline. The DataKeeper Ransomware is capable of using a strong encryption algorithm to target hundreds of different file types. Some particular file types that may become compromised during a DataKeeper Ransomware attack include:

.PNG, .PSD, .PSPIMAGE, .TGA, .THM, .TIF, .TIFF, .YUV, .AI, .EPS, .PS, .SVG, .INDD, .PCT, .PDF, .XLR, .XLS, .XLSX, .ACCDB, .DB, .DBF, .MDB, .PDB, .SQL, .APK, .APP, .BAT, .CGI, .COM, .EXE, .GADGET, .JAR, .PIF, .WSF, .DEM, .GAM, .NES, .ROM, .SAV, .DWG, .DXF, .GPX, .KML, .KMZ, .ASP, .ASPX, .CER, .CFM, .CSR, .CSS, .HTM, .HTML, .JS, .JSP, .PHP, .RSS, .XHTML, .DOC, .DOCX, .LOG, .MSG, .ODT, .PAGES, .RTF, .TEX, .TXT, .WPD, .WPS, .CSV, .DAT, .GED, .KEY, .KEYCHAIN, .PPS, .PPT, .PPTX, .INI, .PRF, .HQX, .MIM, .UUE, .7Z, .CBR, .DEB, .GZ, .PKG, .RAR, .RPM, .SITX, .TAR.GZ, .ZIP, .ZIPX, .BIN, .CUE, .DMG, .ISO, .MDF, .TOAST, .VCD, .SDF, .TAR, .TAX2014, .TAX2015, .VCF, .XML, .AIF, .IFF, .M3U, .M4A, .MID, .MP3, .MPA, .WAV, .WMA, .3G2, .3GP, .ASF, .AVI, .FLV, .M4V, .MOV, .MP4, .MPG, .RM, .SRT, .SWF, .VOB, .WMV, .3D, .3DM, .3DS, .MAX, .OBJ, .BMP, .DDS, .GIF, .JPG, .CRX, .PLUGIN, .FNT, .FON, .OTF, .TTF, .CAB, .CPL, .CUR, .DESKTHEMEPACK, .DLL, .DMP, .DRV, .ICNS, .ICO, .LNK, .SYS, .CFG.

The DataKeeper Ransomware will also encrypt the first 100 MB of large files, which may include videos, databases, and similar user-generated files that tend to be larger. The DataKeeper Ransomware can be customized to target networks or computers that belong to a particular local group specifically. The DataKeeper Ransomware includes many features most other ransomware Trojans have, including the same obfuscation and distribution methods. Threats like the DataKeeper Ransomware deliver a ransom note after carrying out their attacks, which threatens the victims with permanent loss of the affected files unless a ransom amount is paid. This ransom note can be customized by whoever is hiring the services of the people responsible for the DataKeeper Ransomware.
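A content-based triage check for the behaviour described above, added here as an example and not taken from the original article or from any vendor tool: it flags files whose leading bytes no longer match the format their extension promises and look like ciphertext, and it separates files where only the head was overwritten from fully encrypted ones. The magic-byte table, the entropy threshold, the sample size and the function names are assumptions chosen for illustration.

```python
import math
import os

# Constructed table: leading magic bytes for a few of the extensions listed above.
MAGIC = {
    ".pdf": (b"%PDF-",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".jpg": (b"\xff\xd8\xff",),
    ".zip": (b"PK\x03\x04",),
    ".docx": (b"PK\x03\x04",),
    ".xlsx": (b"PK\x03\x04",),
}
HIGH_ENTROPY = 7.5  # bits per byte; assumed threshold, ciphertext sits near 8.0


def entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def classify(ext: str, head: bytes, tail: bytes = b"") -> str:
    """Return 'unknown-type', 'ok', 'damaged', 'encrypted' or 'encrypted-head'."""
    magics = MAGIC.get(ext.lower())
    if magics is None:
        return "unknown-type"
    if head.startswith(magics):
        return "ok"
    if entropy(head) < HIGH_ENTROPY:
        return "damaged"  # wrong header, but not ciphertext-like
    # A structured tail behind a random-looking head matches partial encryption.
    if tail and entropy(tail) < HIGH_ENTROPY:
        return "encrypted-head"
    return "encrypted"


def triage(path: str, sample: int = 64 * 1024) -> str:
    """Classify one file from its first and last `sample` bytes."""
    size = os.path.getsize(path)
    with open(path, "rb") as f:
        head = f.read(sample)
        tail = b""
        if size >= 2 * sample:
            f.seek(size - sample)
            tail = f.read(sample)
    return classify(os.path.splitext(path)[1], head, tail)
```

Very small files give lower entropy estimates and may come back as 'damaged' rather than 'encrypted'; either verdict marks the file for comparison against a backup copy.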

Protecting Your Data from Threats Like the DataKeeper Ransomware

The main reason why the DataKeeper Ransomware has caught the attention of PC security researchers is that it is initially free to download and use. Most RaaS platforms can be expensive and cause the user to incur several costs, either as a percentage of the ransom payments collected or through an upfront fee. The fact that an effective, customizable ransomware platform is being offered for free is alarming, since it points to a near future where even more ransomware Trojans will be actively used in attacks against computer users. Security experts strongly advise computer users to install a reliable security program that is fully up-to-date to intercept threats like the DataKeeper Ransomware before they carry out their attacks, and to keep file backups on an unmapped memory device.
