'.divine File Extension' Ransomware

The '.divine File Extension' Ransomware is an encryption ransomware Trojan based on Everbe, a well-known ransomware Trojan. The '.divine File Extension' Ransomware, like most threats of this type, is generally delivered to the victim through spam email attachments, often taking the form of Microsoft Word files with embedded macro scripts that download and install the '.divine File Extension' Ransomware onto the victim's computer. There are several variants in the '.divine File Extension' Ransomware family of ransomware released in 2018, including the Thunder Ransomware and the Hyena Locker.

The '.divine File Extension' Ransomware Attacks Your Most Precious Files

The '.divine File Extension' Ransomware is identical to most encryption ransomware Trojans since it uses a strong encryption algorithm to make the victim's files inaccessible and then demands a ransom payment from the victim in exchange for the decryption key needed to restore the victim's files. The '.divine File Extension' Ransomware targets user-generated files, which may include a wide variety of document types. The files that may be targeted by threats like the '.divine File Extension' Ransomware include:

.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.

The '.divine File Extension' Ransomware uses the AES 256 encryption to encrypt the victim's files and add the file extension '.divine' to the file's name, as well as an email contact address. The '.divine File Extension' Ransomware delivers a ransom note in the form of a text file that is named '!=How_to_decrypt_files=!.txt,' which will show on the infected computer's desktop. The text of the '.divine File Extension' Ransomware's ransom note reads:

'Hello, dear friend!
1. [ ALL YOUR FILES HAVE BEEN ENCRYPTED! ]
Your files are NOT damaged! Your files are modified only. This modification is reversible. The only 1 way to decrypt your files is to receive the decryption program.
2. [ HOW TO RECOVERY FILES? ]
To receive the decryption program write on our e-mail: thunderhelp@airmail.cc
And in subject write your ID: ID-[redacted 6 hex]
We send you full instruction how to decrypt all your files.
3. [ FREE DECRYPTION! ]
Free decryption as guarantee. We guarantee the receipt of the decryption program after payment. To believe, you can give us up to 3 files that we decrypt for free. Files should not be important to you! (databases, backups, large excel sheets, etc.)'

PC security researchers are against following the instructions presented by the '.divine File Extension' Ransomware's ransom note.

Protecting Your Data from Threats Like the '.divine File Extension' Ransomware

The '.divine File Extension' Ransomware's demands a ransom of 600 USD approximately, to be paid in Bitcoin. Malware researchers strongly advise computer users not to pay this ransom since it allows criminals to continue carrying out these attacks. Instead, PC users are advised to have file backups, which can be used to restore any compromised files after an attack involving a threat like the '.divine File Extension' Ransomware.