Deal_for_access Ransomware
There is a new data-locker that targets users online. The name of this new file-encrypting Trojan is Deal_for_access Ransomware. Ransomware threats are viral as they allow cyber crooks to generate cash rather quickly. File-lockers usually target a wide range of filetypes, which they lock with the help of encryption algorithms. The users are asked to pay cash to receive a decryption tool that will allow them to unlock their files.
Propagation and Encryption
The Deal_for_access Ransomware is likely going after the most popular filetypes, which are usually found on the system of any regular user - .pdf, .doc, .docx, .txt, .mp3, .mid, .midi, .aac, .wav, mp4, .mov, .webm, .mpg, .jpg, .jpeg, .png, .gif, .svg, .rar, .db, .zip and others. The majority of the data present on the infected computer will be encrypted by the Deal_for_access Ransomware securely. Most ransomware threats append a new extension to the names of the encrypted file to mark them. However, this is not the case with the Deal_for_access Ransomware. Interestingly enough, the Deal_for_access Ransomware does not alter the names of the encrypted files at all. Threats like the Deal_for_access Ransomware are often distributed via phishing emails, malvertising, torrent trackers, fake social media campaigns, bogus software downloads, and updates, etc.
The Ransom Note
The Deal_for_access Ransomware ransom note is called ‘DEAL_FOR_ACCESS_TO_YOUR_FILES.txt.’ In the ransom message, the attackers state that unless the user pays them the ransom fee, their data will be leaked online. This is a new technique used by authors of file-lockers like the Deal_for_access Ransomware. It is another tool used to blackmail the victim into paying the sum demanded by the attackers. The creators of the Deal_for_access Ransomware offer to decrypt one file for free, as long as it does not exceed 2MB in size. The attackers do not mention what the ransom fee is but make it clear that there is a deadline for paying the sum that, if not met, the price doubles. To contact the attackers, the victim can message ‘l1u1t@secmail.pro.’
It is advisable to avoid contacting cybercriminals. Once you pay the ransom fee, there is no guarantee that you will receive the decryption tool that you need. This is why you should consider investing in a reputable, up-to-date anti-virus solution that will help you eradicate the Deal_for_access Ransomware from your PC.
