DoggeWiper Ransomware
The DoggeWiper Ransomware is an encryption ransomware Trojan first observed in February 2019. However, the DoggeWiper Ransomware has some aspects that set it apart from most threats of this type. The DoggeWiper Ransomware is mainly distributed via the Discord messenger, commonly used by gamers. Various corrupted executable files distribute the DoggeWiper Ransomware, including files with the following names:
The power of hentai.exe
BandagedBD_Windows_1.exe
DiscordAccessPlugin.exe
update_discord.exe
The DoggeWiper Ransomware simply encrypts the victim's files but does not offer any way to restore the compromised files, essentially functioning as a file wiper, while most encryption ransomware Trojans are designed to encrypt victim's files and then demand a ransom payment.
Why the DoggeWiper Ransomware is Threatening
The DoggeWiper Ransomware receives its name because it displays a picture of a Shiba dog using ASCII art. The DoggeWiper Ransomware uses a strong encryption algorithm to make the victim's files inaccessible, targeting a wide variety of file types. There are some examples of the files that threats like the DoggeWiper Ransomware target in these kinds of attacks, which are specified below:
.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.
The DoggeWiper Ransomware attack will mark the damaged files with the file extension '.vscode,' which is added to the end of each affected file's name. The DoggeWiper Ransomware runs an executable file named 'Idiot.exe' that displays a pop-up window with an animation of a dancing soldier. These dialog windows fill up the screen until the victim's computer crashes or freezes up. The DoggeWiper Ransomware also drops a text file named 'RacWmiDatabase.sdf.txt' on the infected computer's desktop. The file contains a message filled with profanity (which has been replaced with asterisks in this version):
'My name is tostring, and your pc is now fu***d
Fu** you pain exists you fu****g ni***r
Now go fu****g cry to your skid friends and your skid followers/fans about how your pc just died megalul
Wow such beautiful files
Such wow
Made my minecraft master and tostring'
Protecting Your Data from Threats Like the DoggeWiper Ransomware
Unfortunately, once the DoggeWiper Ransomware attack is complete, the computer users' files will be unrecoverable. The DoggeWiper Ransomware essentially functions as a data wiper. Because of this, the best protection against this threat is to have the means to restore any compromised files. Having backup copies on a safe location, such as the cloud, is the most reliable way of ensuring that you can have your data back. Apart from file backups, it is crucial that computer users be cautious when handling any unknown file downloads when distributed via email or instant messenger particularly.
