DualShot Ransomware

The DualShot Ransomware is a file-locking Trojan that has emerged recently. The DualShot Ransomware also is referred to as Dsec Ransomware. Data-lockers like the DualShot Ransomware are one of the worst malware types a regular user can come across. Ransomware threats encrypt all the files present on a compromised computer and then require the user to pay a hefty ransom sum to obtain a decryption key, which will reverse the damage done to the data.

Propagation and Encryption

It is not clear how the authors of the DualShot Ransomware are distributing this file-locker. It is highly likely that the creators of the DualShot Ransomware are using phishing email campaigns to propagate this threat. Usually, targeted users would receive an email in their inbox that poses as an important message. The email in question would contain a fraudulent message alongside a macro-laced file or a corrupted link. Other commonly used propagation methods include fraudulent social media pages, torrent trackers, fake software downloads and updates, malvertising operations, etc. Upon compromising a computer, the DualShot Ransomware will scan its files and locate the ones that will be encrypted later. Next, the DualShot Ransomware will begin its encryption process and lock the targeted data. The DualShot Ransomware will not spare any documents, images, videos, audio files, presentations, archives, spreadsheets, databases, etc. The DualShot Ransomware will add a '.dsec' extension to all the locked files. For example, a file that the user named 'red-grape.pdf' will be renamed to 'red-grape.pdf.dsec.'

The Ransom Note

The DualShot Ransomware displays its ransom message in a new window, which is titled 'Warning.' In the ransom message, the attackers inform the victims that their data has been encrypted and they need to pay a ransom fee of $250 in Bitcoin. The authors of the DualShot Ransomware offer an email address so that the user can contact them – ‘jofkznve148172@outlook.com.' The victims are warned to pay sooner rather than later as the decryption key they need may be destroyed if they take too long.

It is not a good idea to get in touch with cybercriminals like the creators of the DualShot Ransomware. It is common that users who pay the ransom fee demanded are not provided with the decryption key that is the only way to recover their files. This is why it is advisable to install a modern, trustworthy anti-virus software suite, which will not only rid you of the DualShot Ransomware but also make sure you do not find yourself in this situation again in the future.