Threat Database Ransomware DeathNote Hackers Ransomware

DeathNote Hackers Ransomware

By GoldSparrow in Ransomware

The DeathNote Hackers Ransomware is a ransomware Trojan first observed on April 18, 2017. The DeathNote Hackers Ransomware receives its name because it changes the affected computer's Desktop image into a picture that includes the name 'DeathNote Hackers,' which seems to refer to a hacking group based in Indonesia (according to their Facebook page). It is, however, entirely possible that the DeathNote Hackers Ransomware is created by a third-party impersonating this group. The DeathNote Hackers Ransomware represents a real threat to computers and seems to target computers using the Windows operating system and located in Southeast Asia.

The DeathNote Hackers Ransomware is Deadly for Your Files

The DeathNote Hackers Ransomware is being delivered through corrupted email attachments primarily. Documents using compromised macros are delivered to victims attached to spam email messages using social engineering techniques to trick the computer users into opening the file attachment. Once the DeathNote Hackers Ransomware infects the victim's computer, it scans the contents of its hard drives in search for certain file types to encrypt using a strong encryption algorithm. The DeathNote Hackers Ransomware marks the files encrypted during the attack with the file extension '.fucked.' Malware researchers have determined that the DeathNote Hackers Ransomware will encrypt various file types, including the following:

.3GP, .7Z, .APK, .AVI, .BMP, .CDR, .CER, .CHM, .CONF, .CSS, .CSV, .DAT, .DB, .DBF, .DJVU, .DBX, .DOCM, ,DOC, .EPUB, .DOCX .FB2, .FLV, .GIF, .GZ, .ISO .IBOOKS,.JPEG, .JPG, .KEY, .MDB .MD2, .MDF, .MHT, .MOBI .MHTM, .MKV, .MOV, .MP3, .MP4, .MPG .MPEG, .PICT, .PDF, .PPS, .PKG, .PNG, .PPT .PPTX, .PPSX, .PSD, .RAR, .RTF, .SCR, .SWF, .SAV, .TIFF, .TIF, .TBL, .TORRENT, .TXT, .VSD, .WMV, .XLS, .XLSX, .XPS, .XML, .CKP, .ZIP, .JAVA, .PY, .ASM, .C, .CPP, .CS, .JS, .PHP, .DACPAC, .RBW, .RB, .MRG, .DCX, .DB3, .SQL, .SQLITE3, .SQLITE, .SQLITEDB, .PSD, .PSP, .PDB, .DXF, .DWG, .DRW, .CASB, .CCP, .CAL, .CMX, .CR2.

After encrypting the victim's files, the DeathNote Hackers Ransomware will change the infected computer's desktop image into a picture of a man wearing a black hood with a skull and a mask. The DeathNote Hackers Ransomware displays a ransom note in the form of a program window. The contents of the DeathNote Hackers Ransomware's ransom note read as follows:

'Your Computer files is encrypted
all files is encrypted witch extremely
powerfull new RIJINDAEL encryption
that no one can break except you have
a private string and IVs
To Decrypt Your File You Should Pay Me
0.5 BTC
Contact
Enter your code here: [TEXT BOX]'

Recovering from a DeathNote Hackers Ransomware Infection

Although it is nearly impossible to recover files encrypted by most ransomware Trojans, PC security researchers have been able to crack the DeathNote Hackers Ransomware's encryption. Therefore, computer users can decrypt the files affected by the DeathNote Hackers Ransomware by entering the decryption code '83KYG9NW-3K39V-2T3HJ-93F3Q-GT' into the DeathNote Hackers Ransomware's ransom note. It is entirely possible, however, that updated versions of the DeathNote Hackers Ransomware that may not use the same decryption key will be released soon. Because of this, take steps to protect your computer from these threats.

The best protection against the DeathNote Hackers Ransomware and similar ransomware Trojans is to have backups of all files. If there are backups of the affected files, computer users can recover from the attack, regardless of the strength of the encryption algorithm. While this is not essential in the case of the DeathNote Hackers Ransomware itself, in most ransomware Trojan attacks, it is impossible to recover the encrypted files. The presence of file backups nullifies the attack completely, taking away the leverage from the con artists that allow them to demand ransom payments from the victim. Apart from file backups, a reliable and updated security program can help remove the DeathNote Hackers Ransomware infection itself and intercept it before it manages to start the encryption process on the infected computer.

Trending

Most Viewed

Loading...