Diller13 Ransomware Description
The Diller13 ransomware is a malware that is loosely related to the Scarab ransomware family. Diller13 has closer ties to a more immediate predecessor - the Maoloa ransomware.
This particular strain was detected and described by security researcher Amigo-A on Twitter in mid-2019. The ransomware appends the ".diller13" extension to scrambled files and puts its ransom note in a file named "how_to_back_files.html". The only thing that is certain about Diller13 ransomware is that its developers are not native English speakers. Here is the full text of the ransom note:
All your data has been ciphered!
The only way of recovering your files is to buy a unique decryptor.
A decryptor is fully automatical, all your data will be recovered within a few hours after it's installation.
For purchasing a decryptor contact us by email:
diller13 at protonmail dot com
If you get no answer within 24 hours contact us by our alternate emails:
diller13 at cock dot li
We assure full recovery after the payment.
To verify the possibility of the recovery of your files we can decipher 1 file for free.
Attach 1 file to the letter (no more than 25mb). Indicate your personal ID on the letter:
[long hexadecimal chunk]
In reply we will send you an deciphered file and an instruction for purchasing an automatical decryptor for all your files. After the payment we will send you a decryptor and an instructions for protecting your computer from network vulnerabilities.
Only diller13 at protonmail, diller13 at cock dot li can decipher all your files.
Launching of antivirus programs will not help.
Changing ciphered files will result in a loose of data.
Attempts of deciphering by yourself will result in a loose of data.
Decryptors of other users are unique and will not fit your files and use of those will result in a loose of data.
The best way to avoid ransomware infections like Diller13 entirely is to use a fully-featured anti-malware suite that includes anti-ransomware capabilities and can stop the encryption process before it has a chance to ruin your files.
Do You Suspect Your PC May Be Infected with Diller13 Ransomware & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Diller13 Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.