‘.dragnea File Extension’ Ransomware Description
The '.dragnea File Extension' Ransomware is an encryption ransomware Trojan that is based on preexisting ransomware Trojans. The '.dragnea File Extension' Ransomware was first observed on July 31, 2018, and seemed to be in an unfinished version. The '.dragnea File Extension' Ransomware is designed to target computer users located in Romania specifically and includes a ransom note written in Romanian and images of people that would be recognized by citizens of this country, such as Liviu Dragnea, a political leader in Romania.
The '.dragnea File Extension' Ransomware Uses Politician Names in Its Attacks
The '.dragnea File Extension' Ransomware uses the AES 256 encryption to make the victim's files inaccessible, marking the affected files by adding the file extension '.dragnea' to the end the files' names. Threats like the '.dragnea File Extension' Ransomware will targetthe user-generated files, which make include files with the extensions:
.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.
The '.dragnea File Extension' Ransomware delivers a ransom note in the form of a program window with a message written in Romanian and a text box for the victim to enter the decryption key, which would be obtained from the criminals responsible for the '.dragnea File Extension' Ransomware attack. The '.dragnea File Extension' Ransomware ransom message, translated into English from the original Romanian reads:
'Allow me to explain to you what is happening:
Your personal files will be destroyed. Documents, pictures, videos, etc.
And you stay calm, you can not stop it.
Why? Because that's what my mustache wants. I do not have a BTC wallet, and I do not, I do not know how. So, rest in peace! Well, let's start together.
Send at least 1989 miners to the party address here:
Enter the description key here: [text box]
I paid, now give me the files.'
Dealing with the '.dragnea File Extension' Ransomware Attack
Unfortunately, due to the strength of the '.dragnea File Extension' Ransomware encryption method, the files compromised by the '.dragnea File Extension' Ransomware attack will not be recoverable without the decryption key, which the criminals hold in their possession. Instead of paying the ransom, they should take preventive measures against the '.dragnea File Extension' Ransomware and similar threats. The best safeguard against losing your data due to an attack is to have file backups, either stored on cloud services or portable memory devices. Having file backups enables computer users to restore their files from the file backup after an attack. Apart from file backups, proper security programs can prevent the '.dragnea File Extension' Ransomware from being installed and be used to remove this threat. However, once the '.dragnea File Extension' Ransomware encrypts the files, they will not be recoverable without the decryption key.