Diller13 Ransomware

Diller13 Ransomware Description

The Diller13 ransomware is a malware that is loosely related to the Scarab ransomware family. Diller13 has closer ties to a more immediate predecessor - the Maoloa ransomware.

This particular strain was detected and described by security researcher Amigo-A on Twitter in mid-2019. The ransomware appends the ".diller13" extension to scrambled files and puts its ransom note in a file named "how_to_back_files.html". The only thing that is certain about Diller13 ransomware is that its developers are not native English speakers. Here is the full text of the ransom note:

All your data has been ciphered!

The only way of recovering your files is to buy a unique decryptor.
A decryptor is fully automatical, all your data will be recovered within a few hours after it's installation.

For purchasing a decryptor contact us by email:
diller13 at protonmail dot com

If you get no answer within 24 hours contact us by our alternate emails:
diller13 at cock dot li

We assure full recovery after the payment.
To verify the possibility of the recovery of your files we can decipher 1 file for free.
Attach 1 file to the letter (no more than 25mb). Indicate your personal ID on the letter:
[long hexadecimal chunk]

In reply we will send you an deciphered file and an instruction for purchasing an automatical decryptor for all your files. After the payment we will send you a decryptor and an instructions for protecting your computer from network vulnerabilities.


Only diller13 at protonmail, diller13 at cock dot li can decipher all your files.
Launching of antivirus programs will not help.
Changing ciphered files will result in a loose of data.
Attempts of deciphering by yourself will result in a loose of data.
Decryptors of other users are unique and will not fit your files and use of those will result in a loose of data.

The best way to avoid ransomware infections like Diller13 entirely is to use a fully-featured anti-malware suite that includes anti-ransomware capabilities and can stop the encryption process before it has a chance to ruin your files.

Do You Suspect Your Computer May Be Infected with Diller13 Ransomware & Other Threats? Scan Your Computer with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide users with in-depth system security analysis, detection and removal of a wide range of threats like Diller13 Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover*
Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. Read our EULA, Privacy Policy & Special Discount Terms. See more Free SpyHunter Remover details.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.