DecYourData Ransomware

File-lockers continue to be a popular hacking tool in the cybercrime field – they are easy to create fairly, and often offer great returns to their operators. One of the file-lockers identified in the wild recently is the DecYourData Ransomware – a new project that does not appear to be related to any of the notorious ransomware families of 2019 closely. The fact that DecYourData Ransomware is not associated with known projects does not mean that this threat should be underestimated certainly – it appears to pack a fully weaponized file-encryption algorithm that enables it to cause significant damage to the file system of the machines it infects.

Whenever the DecYourData Ransomware encrypts a file, it will make it easy to recognize it by adding a lengthy extension – ' id [decyourdata@protonmail.com]_all-files-encrypted.' For example, if you had the file 'invoice.xlsx' on your computer, and it got encrypted by the DecYourData Ransomware, its new name would be 'invoice.xlsx id [decyourdata@protonmail.com]_all-files-encrypted.'

The DecYourData Ransomware's Authors Ask for a Cryptocurrency Payment

Of course, the authors of the DecYourData Ransomware project are not doing this just to cause trouble – they offer all of their victims to take advantage of their decryption services. However, their offer comes at a price – they want to be paid via cryptocurrency, and the full instructions can be found in the file 'Help for decrypting id- [decyourdata@protonmail.com].txt' that the threat will create after completing the attack.

Striking a deal with the DecYourData Ransomware's operators is not a good solution because it can be very costly, and there is a fairly large chance that you may get tricked at the end. We suggest that victims of the DecYourData Ransomware use an up-to-date anti-virus product to eradicate the harmful program, and then look into alternative data recovery techniques and software.