'.jamper File Extension' Ransomware

The '.jamper File Extension' Ransomware is a particularly nasty ransomware Trojan that will make the victims' files inaccessible. The '.jamper File Extension' Ransomware, like most encryption ransomware Trojans, takes the victims' files hostage and then demands a ransom payment in exchange for the decryption key needed to restore the compromised data. The '.jamper File Extension' Ransomware was first observed in March 2019 and has already claimed various victims in North America.

How the '.jamper File Extension' Ransomware can Attack a Computer

Most ransomware Trojans target the user-generated files, which may include a wide variety of media files, documents, spreadsheets, databases, etc. The files that most encryption ransomware Trojans encrypt in these attacks include:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The '.jamper File Extension' Ransomware, however, is especially nasty because it also targets executable files with the .exe extension, dynamic link libraries with the .dll extension, and other files that are commonly linked to applications and rarely targeted by encryption ransomware Trojans. This can mean that not only will the victims lose their documents but also most applications on the affected computer will cease to work correctly.

Why You Should Fear to be Infected by the '.jamper File Extension' Ransomware

The '.jamper File Extension' Ransomware is typically delivered to a computer via a corrupted spam email attachment, which often uses embedded macro scripts that download and install the '.jamper File Extension' Ransomware onto the victim's computer. These are often part of social engineering campaigns that disguise the file attachments and use misleading language in the emails to trick computer users into believing that the attachment is legitimate and installing it onto their computers. Once the '.jamper File Extension' Ransomware has carried out its attack, the '.jamper File Extension' Ransomware delivers a ransom message in the form of a text file named '---README---.txt' that demands that the victim contact the criminals via greenworksh@mail.com or greenworksh@countermail.com. Neither of these emails is used in the spam email tactics that distribute the '.jamper File Extension' Ransomware, which generally uses spoofed email addresses.

Dealing with the '.jamper File Extension' Ransomware

Generally, computer users should deal with threats like the '.jamper File Extension' Ransomware by using file backups to restore any data compromised by the attack. However, in the case of the '.jamper File Extension' Ransomware it also is necessary to reinstall affected software and applications. Due to the particularly vicious nature of the '.jamper File Extension' Ransomware, it will often be required to restore the entire victim's computer from a disk image or wipe the affected drive and reinstall the victim's operating system from scratch.