JerryRansom Ransomware

Cybersecurity researchers identified a ransomware threat known as JerryRansom. This harmful software is designed to target and compromise victims' data by encrypting files, thereby making them inaccessible to the affected users. In addition to file encryption, the malware alters the desktop wallpaper of the infected system as part of its impact. Following the encryption process, victims are presented with a ransom note, typically delivered as a text file named 'Read_me.txt.'

JerryRansom appends a random four-digit extension to the original names of each encrypted file. For example, a file originally named '1.doc' may be renamed to '1.doc.bs20,' and '2.png' might become '2.png.csri,' and so on. It is crucial to note that JerryRansom is classified as a variant within the Chaos Ransomware family.

The JerryRansom Ransomware Demands a Ransom Paid in Bitcoins

In the ransom note issued by the JerryRansom Ransomware, victims are explicitly notified that their operating system has fallen prey to the threatening software. The note communicates that all files within the system have undergone encryption, and to regain access, the victim is required to make a payment of $11.03 in Bitcoins to the specified wallet address. Upon completing the payment, victims are further instructed to reach out to the attacker via email at jerryjobransom@gmail.com. Notably, the ransom note is available in both English and Russian versions, with the English variant containing information equivalent to that in the Russian version.

It is emphasized to victims that engaging in negotiations with ransomware attackers or acceding to their demands by making payments does not guarantee successful file recovery. Even after compliance with the ransom, there is no assurance that access to encrypted files will be restored. Regrettably, attempting to access files without making the payment is often futile.

Victims are strongly advised to remove the ransomware from their infected devices promptly. Delaying this action could lead to the loss of additional files. Furthermore, there is a risk that the ransomware may propagate within a local network, potentially infecting other connected computers. Therefore, victims must take immediate steps to eradicate the ransomware and prevent its further spread, underscoring the importance of swift and comprehensive response measures to mitigate the impact of such attacks.

Implement Robust Security Measures on All Devices

In the face of escalating ransomware threats, safeguarding personal and organizational data is paramount. Implementing robust security measures on devices is crucial to fortify defenses against potential ransomware attacks. Here are five essential measures users should consider:

• Regular Backups: Regularly back up important data to an external, offline storage device. This ensures that even if files are encrypted by ransomware, a recent, unaffected copy can be restored, mitigating potential data loss.
•  Up-to-date Security Software: Keep security software, including anti-malware programs, up-to-date. Regular updates enable these tools to detect and thwart the latest ransomware variants, enhancing overall protection against evolving threats.
•  User Education and Awareness: Educate users on recognizing phishing attempts and suspicious links. Ransomware often infiltrates systems through deceptive emails or unsafe websites. By fostering awareness, users can avoid inadvertently triggering an attack.
•  Strong Password Policies: Enforce strong password policies to prevent unauthorized access. Complex passwords and multi-factor authentication add layers of security, making it more challenging for ransomware attackers to compromise accounts and systems.
•  Network Segmentation: Implement network segmentation to restrict the lateral movement of ransomware within a network. Isolating critical systems can contain the impact of an attack, preventing the rapid spread of ransomware to other connected devices.

By integrating these measures into their cybersecurity strategy, users can significantly enhance their resilience against ransomware threats and protect their valuable data.

Victims of the JerryRansom Ransomware are left with the following ransom note:

'-----------------Ваша ОС атакована!-----------------
Здравствуйте, жертва. Ваши файлы были зашифрованы вымогателем JerryRansom
Чтобы расшифровать файлы, вам необходимо заплатить 11,03$ в биткоинах.
BitCoin-кошелек:17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV
После оплаты, напишите мне на электронную почту:jerryjobransom@gmail.com
-----------------Your OS has been attacked!-----------------
Hello, victim. Your files were encrypted by the Jerry Ransom ransomware
To decrypt the files, you need to pay $11.03 in bitcoins.
BitCoin Wallet:17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV
After payment, write to me by e-mail:jerryjobransom@gmail.com
-----------------Что случилось с моим устройством?-----------------
Ваша операционная система была атакована вымогателям JerryRansom. Все ваши файлы зашифрованы. Инструкция по расшифровке есть выше.
-----------------What happened to my device?-----------------
Your operating system has been attacked by the JerryRansom ransomware. All your files are encrypted. The decryption instructions are above.'