DumbStackz Ransomware

Information security researchers uncovered DumbStackz during their analysis of potential malware threats. DumbStackz is specifically engineered to encrypt numerous files on compromised devices and subsequently demand ransom payment for their decryption.

Upon activation, this ransomware encrypts files and appends a '.DumbStackz' extension to their filenames. For instance, a file named '1.doc' would appear as '1.doc.DumbStackz,' '2.pdf' as '2.pdf.DumbStackz,' and so forth for all affected files.

Following the encryption process, DumbStackz alters the desktop wallpaper and generates a ransom note within a text file titled 'read_it.txt.' Moreover, researchers have identified that this malicious software is derived from the Chaos Ransomware family.

The DumbStackz Ransomware Renders Numerous Files Unusable

DumbStackz's message notifies the victim that their files have been locked or encrypted and that unlocking them requires payment of a ransom, specifically 0.001 BTC (Bitcoin cryptocurrency). This amount equates to approximately $60 based on the current Bitcoin exchange rate, though it's essential to note that conversion rates are subject to constant fluctuations.

Upon payment, the victim is assured that decryption tools will be provided. Failure to comply with these demands within two days will result in the deletion of the affected files.

Information security experts caution that decryption is typically impossible without the intervention of cybercriminals. Furthermore, even after payment, these criminals frequently fail to deliver the decryption keys or software. Consequently, it is strongly advised against meeting the ransom demands, as there is no guarantee of data recovery, and payment only serves to perpetuate this illegal activity.

While removing the DumbStackz Ransomware from the operating system prevents further encryption, unfortunately, it does not restore files that have already been compromised.

Ensure that Your Devices and Data Have Sufficient Protection from Malware Attacks

Ensuring that devices and data are adequately protected from malware attacks involves implementing a comprehensive set of security measures. Here's a detailed guide on how users can achieve this:

• Install and Maintain Security Software: Begin by installing reputable anti-malware software on all devices, including computers, smartphones and tablets.
•   Activate Firewall Protection: Enable the firewall on all devices to monitor all network traffic on them. Firewalls act as a barrier between your device and potentially harmful external networks, helping to block unauthorized access and prevent malware from gaining access to the system.
•   Keep Software Updated: Regularly update the operating system, applications and software on all devices. Software updates often deliver patches for known security vulnerabilities that could be exploited by malware. Set devices to automatically install updates whenever possible to ensure they are always protected.
•   Practice Safe Browsing Habits: Exercise caution when browsing the Internet and avoid interacting with suspicious links, downloading files from unknown sources, or visiting untrustworthy websites. Be prudently watchful of phishing emails and messages that attempt to deceive unsuspecting users into revealing personal information or downloading malware.
•   Use Strong, Unique Passwords: Build strong, complex passwords for all accounts and devices. Avoid using easily guessable passwords and consider the utilization of a password manager to store and manage passwords for multiple accounts securely.
•   Educate Yourself About Malware Threats: Stay informed about the latest malware threats and cybersecurity best practices. Educate yourself and your family members or colleagues about common malware attack vectors, such as phishing scams and malicious downloads, to avoid falling victim to them.
•   Regularly Backup Data: Implement a regular backup strategy to create copies of important files and data. Backup data to an external hard drive, a cloud storage service, or both, and ensure that backups are performed regularly to minimize data loss in the event of a malware attack.
•   Limit User Privileges: Restrict user privileges on devices to block unauthorized access and reduce the risk of malware infection. Use separate user accounts for everyday tasks and administrative tasks, and only grant administrative privileges when necessary.

By following these comprehensive security measures, users can significantly minimize the risk of malware attacks and protect their devices and data from harm.

The ransom note dropped by the DumbStackz Ransomware shows the following text:

'Sht well your files are locked. Lmao, well, sorry to say you won't be able to get them back without paying a fee. Unless you don't care about your files, I would encourage you to pay. The fee will cost you 0.001 bitcoin. Making this sht affordable. Sorry to cause you stress. Now, if you want to make this quick and simple, let's cut to the chase.

Step 1: Buy the bitcoin. Unless you own bitcoin, you will obviously need to buy it. Well, where the f*ck do I buy bitcoin?? You may be asking yourself that question. Luckily, there are many places to buy bitcoin. Such as apps like Coinbase, Crypto.com, Changelly Kraken, etc. There are also crypto ATMs to find one near you, go to coinflip.tech and enter a zip code. Or find others.

Step 2: Create a Bitcoin wallet. If you are on a mobile device, I recommend downloading Cake Wallet or Trust Wallet. They are wallets that hold many different crypto currencies. Such as Bitcoin. And if you are using a Windows computer, you can use the Wassabi wallet. It is a great and fast wallet to set up. From there, you can send the address you are sending the 0.001 bitcoin to, which is below this line. Or scan the QR code that is shown in my wallpaper. (My Bitcoin Address): 17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV

Step 3. Once you have sent the bitcoin successfully and it confirms through the blockchain, don't hesitate to contact me. I will provide you with the password to recover all of your files. It is another piece of software, so please disable virus and threat protection to allow it to decrypt successfully. Contact Me Once Paid: whosdumb_stackz@proton.me (This is an email, so you will need to write to me by email.)

Your files will be automatically deleted after 2 days from when this ransomware was installed. Do not try after 2 days because you will just be losing your money for nothing. Attempting to reset the computer will also delete all of your files, which you can try if you want.

PAY EXACTLY 0.001 BITCOIN OR YOUR FILES WILL NOT BE RELEASED TO YOU. IF ONE OF MY WORKERS IS THE ONE WHO GAVE YOU THIS RANSOMWARE, THEY WILL WAIT FOR THE PAYMENT TO GO THROUGH, AND THEY WILL GIVE YOU THE DECRYPTER. DO NOT TRY NEGOTIATING, OR ME OR MY WORKERS WILL BLOCK YOU. THE AMOUNT WILL NEED TO BE 0.001 BITCOIN, EVEN WITH THE FEES. MAKE SURE TO GET SOME EXTRA BITCOIN FOR EASY PAYMENT.

Again, if you have any issues or concerns, please contact me at whosdumb_stackz@proton.me (This is an email, so you will need to write to me by email.)

Bitcoin Address Again: 17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV'