
DRV Ransomware

The DVR Ransomware is a recently spotted data-locking Trojan. This threat is a variant of the HiddenTear Ransomware. Interestingly, the HiddenTear Ransomware was not developed with harmful intentions. Its creators built it as an educational tool for users and analysts who want to learn more about file-encrypting Trojans. However, cybercriminals saw an opportunity to hijack this well-intended tool and weaponize it for their own profit.

Propagation and Encryption

Cybersecurity experts are not certain exactly how the DVR Ransomware is being propagated. Some researchers believe that the creators of the DVR Ransomware may have used some of the infection vectors commonly linked to the distribution of data-encrypting Trojans. Among them are spam email campaigns, pirated versions of popular applications, fake software updates and downloads, torrent trackers, malvertising operations, etc. The DVR Ransomware is designed to target a wide variety of file types to ensure maximum damage. The more files a ransomware threat locks, the higher the chance that the victim pays up. This means that if a user's system is infected by the DVR Ransomware, all of their documents, archives, databases, images, audio files, videos, and other data will be locked. Upon locking a targeted file, the DVR Ransomware changes its name by appending its own extension, ‘.lasan’. For example, a file that the user had named ‘lightning-storm.mp4’ will be renamed to ‘lightning-storm.mp4.lasan’ after the encryption process has been completed.

The Ransom Note

Most authors of ransomware threats make sure that their creation drops a note on the users’ systems that instructs them on how to get in touch with the attackers and how to make the required payment. However, in the case of the DVR Ransomware, the creators of this Trojan failed to provide any useful information. There are no contact details mentioned, and there is no information regarding the decryption key the user needs in order to recover their data. It is not clear why the authors of the DVR Ransomware have opted not to include such crucial information.

Luckily, there is a solution. Affected users should download and install a legitimate anti-malware suite that will help remove the DVR Ransomware from their PCs safely. Next, users should search for the HiddenTear decryptor and follow the provided instructions on how to recover their files. Fortunately, most copies of the HiddenTear Ransomware are decryptable, so you may be able to recover your data fully.
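Before running a decryptor, it helps to know how many files carry the ‘.lasan’ extension described above and which of them already have a restored original beside them. The following Python sketch is an added example, not code from this page or from any anti-malware vendor; the function names and the sample file names in `demo()` are assumptions made for illustration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

LOCKED_SUFFIX = ".lasan"  # extension the page says is appended to locked files


def inventory_locked_files(root):
    """Return (pairs, by_type): (locked_path, original_path) pairs and a
    Counter of the original extensions, e.g. {'.mp4': 3}."""
    pairs, by_type = [], Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            # Case-insensitive match, since Windows file names ignore case.
            if not name.lower().endswith(LOCKED_SUFFIX):
                continue
            original = name[: -len(LOCKED_SUFFIX)]
            if not original:  # a file literally named ".lasan" has no original name
                continue
            by_type[Path(original).suffix.lower() or "(none)"] += 1
            pairs.append((Path(dirpath) / name, Path(dirpath) / original))
    return sorted(pairs), by_type


def already_restored(pairs):
    """Locked files whose original name exists again beside them
    (restored from backup or already decrypted), so they need no further work."""
    return [locked for locked, original in pairs if original.exists()]


def demo():
    """Run the inventory over a constructed sample tree (made-up file names)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "docs").mkdir()
        for rel in ("lightning-storm.mp4.lasan", "docs/report.docx.lasan",
                    "docs/report.docx", "docs/notes.txt", "docs/budget.XLSX.LASAN"):
            (root / rel).write_bytes(b"constructed sample")
        pairs, by_type = inventory_locked_files(root)
        restored = already_restored(pairs)
        return ([p.name for p, _ in pairs], dict(by_type),
                [p.name for p in restored])


if __name__ == "__main__":
    import sys
    found, types = inventory_locked_files(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(f"{len(found)} locked files; by original type: {dict(types)}")
    print(f"{len(already_restored(found))} already have a restored original beside them")
```

The script only reads directory listings and never modifies or deletes a file, so it can be run on a copy of the affected disk before any recovery attempt.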
