Donald Trampo Ransomware
Since Donald Trump was elected as president of the United States, PC security researchers have observed numerous ransomware Trojans themed around him and about political circumstances. It also is not uncommon to find encryption ransomware Trojans named or themed after world leaders. The Donald Trampo Ransomware is just the latest in a chain of encryption ransomware Trojans with similar themes that include Trojans such as the TrumpLocker Ransomware, the Sanctions Ransomware, the Angela Merkel Ransomware and the Comrade Circle Ransomware. The Donald Trampo Ransomware was first observed on June 1st, 2017. There is very little to differentiate the Donald Trampo Ransomware from other ransomware Trojans that are being used actively to attack computer users currently.
Table of Contents
The Donald Trampo Ransomware Infection and Its Consequences
The Donald Trampo Ransomware may be delivered to its victims through the use of spam email messages and corrupted links. The Donald Trampo Ransomware is designed to infect computers running the Windows operating system and is capable of affecting most versions of Windows. During its attack, the Donald Trampo Ransomware will target the user generated files, looking for files that counterpart a list of file extensions contained in the Donald Trampo Ransomware's configuration settings specifically. The following are examples of the files the Donald Trampo Ransomware will encrypt during its encryption ransomware attack:
.3gp, .7z, .apk, .avi, .bmp, .cdr, .cer, .chm, .conf, .css, .csv, .dat, .db, .dbf, .djvu, .dbx, .docm, ,doc, .epub, .docx .fb2, .flv, .gif, .gz, .iso .ibooks,.jpeg, .jpg, .key, .mdb .md2, .mdf, .mht, .mobi .mhtm, .mkv, .mov, .mp3, .mp4, .mpg .mpeg, .pict, .pdf, .pps, .pkg, .png, .ppt .pptx, .ppsx, .psd, .rar, .rtf, .scr, .swf, .sav, .tiff, .tif, .tbl, .torrent, .txt, .vsd, .wmv, .xls, .xlsx, .xps, .xml, .ckp, .zip, .java, .py, .asm, .c, .cpp, .cs, .js, .php, .dacpac, .rbw, .rb, .mrg, .dcx, .db3, .sql, .sqlite3, .sqlite, .sqlitedb, .psd, .psp, .pdb, .dxf, .dwg, .drw, .casb, .ccp, .cal, .cmx, .cr2.
The Donald Trampo Ransomware will encrypt files on all local drives, as well as on directories shared on the network and data contained in external memory devices connected to the victim's computer. The Donald Trampo Ransomware will add a new file extension to each affected files' name, making it easy to determine which files have been affected by the Donald Trampo Ransomware infection. The following file extension string is added to the end of each affected file's name (after the file's extension):
'.SN-[16 RANDOM DIGITS]-webmafia@asia.com_donald@trampo.info'
How the Donald Trampo Ransomware Demands Payment from Its Victims
After encrypting the victims' files, the Donald Trampo Ransomware will demand the payment of a ransom. To do this, the Donald Trampo Ransomware will display a ransom note. One way in which the Donald Trampo Ransomware demands a ransom payment is by altering the infected computer's desktop background. The Donald Trampo Ransomware will change it into a black screen with a message written in plain white text. The Donald Trampo Ransomware's ransom message reads as follows:
'Files are encrypted
Help in recovery
webmafia@asia.com
doanald@trampo.info'
Dealing with a Donald Trampo Ransomware Infection
PC security researchers that have written to the Donald Trampo Ransomware email addresses have reported that the con artists respond with instructions for downloading the TOR Browser and buying BitCoins to make an anonymous payment. Security researchers counsel computer users to avoid paying this amount or contacting the con artists. The probability of recovering the files is extremely low and making the payment allows these people to continue carrying out these attacks. Instead, by having file backups, computer users can recover their files quickly while undermining the whole strategy used by the Donald Trampo Ransomware in its attack completely. Along with a reliable security program that is fully up-to-date, having backup copies of your data on an external device or the cloud is the single best protection against the Donald Trampo Ransomware and other encryption ransomware Trojans.
SpyHunter Detects & Remove Donald Trampo Ransomware
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | file.exe | 057a4e354e1007b0048ca6af000f0717 | 0 |
| 2. | file.exe | d971ace1a9209e1f1a6ceaf61b62a49c | 0 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.