Dutan Ransomware

Security researches have recently noted the existence of a new file-encrypting Trojan called the Dutan Ransomware. Swiftly after the discovery of this ransomware threat, malware experts found out that it is not new completely but belongs to the STOP Ransomware family. Ransomware threats are considered among the most threatening malware types out there. They operate by encrypting your files and asking for cash while promising to unlock the data affected. Very often these promises are empty, and the users do not receive anything in return for their money.

Spam emails containing an infected attachment, fraudulent update notifications, and pirated applications are among the propagation methods that security researchers are speculating to be employed in the spreading of the Dutan Ransomware. If the Dutan Ransomware succeeds in gaining access to your computer, it will begin performing the first step of its attack – the scanning. The Dutan Ransomware would scan your PC so it can locate the file types that it is meant to encrypt. Once they are detected, the Dutan Ransomware would proceed with the next step, namely the encryption process. Upon locking your files, you will notice that the names of your files have been slightly altered – the Dutan Ransomware has added its extension, '.dutan,' at the end of the file, name turning a file originally called 'senpai.mp3' into 'senpai.mp3.dutan.' When the Dutan Ransomware has locked all the files it was programmed to target, it would drop off a ransom note for the victim to read. The Dutan Ransomware's ransom note is named '_readme.txt' and does not state the sum that the attackers would like to receive. Instead, they only give out an email address where the user is supposed to contact them, probably to receive more information on how to process the payment and supposedly receive a decryption tool. The email address given is 'gorentos@bitmessage.ch.'

As we mentioned, cyber crooks do not tend to hold their word, and you will likely be taken advantage of by them so that it is best not to pay up and not to engage with such individuals. The best option you have is obtaining a reputable antivirus program and having it clear your PC for you. Then, if you wish, you can try and retrieve some files locked by the Dutan Ransomware via a data recovery application.