Threat Database Ransomware J-Ransom Ransomware

J-Ransom Ransomware

By GoldSparrow in Ransomware

The J-Ransom Ransomware is an encryption ransomware Trojan that is being used to attack computer users. The J-Ransom Ransomware is being used to target individual computer users and home PCs rather than businesses or Web servers. The J-Ransom Ransomware was first observed in early July 2017 and seems to be delivered using spam email messages. Victims of the J-Ransom Ransomware will receive an email message containing a Microsoft Word document as an attachment. This document will use corrupted macros to download and install the J-Ransom Ransomware onto the victim's computer. This is an attack method that was being used more than two decades ago but had been replaced by more advanced methods quietly. However, encryption ransomware Trojans have revived this distribution vector in the last couple of years, making it an extremely common way of delivering ransomware like the J-Ransom Ransomware to victims.

The Irony Contained on the File Extension Used by the J-Ransom Ransomware

Like other encryption ransomware Trojans, the main purpose of the J-Ransom Ransomware is to encrypt the victim's files and make them inaccessible. The J-Ransom Ransomware does this to demand a ransom payment from the victim. The J-Ransom Ransomware will mark the files encrypted in the attack by adding the file extension '.LoveYou' to the end of each affected file's name. The J-Ransom Ransomware, like most other ransomware Trojans, is designed to encrypt the user-generated files. This includes media files, as well as documents associated with commonly used software. The following are some of the file formats (among many others) that the J-Ransom Ransomware will encrypt in its infection process:

.3gp, .7z, .apk, .avi, .bmp, .cdr, .cer, .chm, .conf, .css, .csv, .dat, .db, .dbf, .djvu, .dbx, .docm, ,doc, .epub, .docx .fb2, .flv, .gif, .gz, .iso .ibooks,.jpeg, .jpg, .key, .mdb .md2, .mdf, .mht, .mobi .mhtm, .mkv, .mov, .mp3, .mp4, .mpg .mpeg, .pict, .pdf, .pps, .pkg, .png, .ppt .pptx, .ppsx, .psd, .rar, .rtf, .scr, .swf, .sav, .tiff, .tif, .tbl, .torrent, .txt, .vsd, .wmv, .xls, .xlsx, .xps, .xml, .ckp, .zip, .java, .py, .asm, .c, .cpp, .cs, .js, .php, .dacpac, .rbw, .rb, .mrg, .dcx, .db3, .sql, .sqlite3, .sqlite, .sqlitedb, .psd, .psp, .pdb, .dxf, .dwg, .drw, .casb, .ccp, .cal, .cmx, .cr2.

After encrypting the victim's files, the J-Ransom Ransomware will deliver a text file named 'ReadMe.txt,' which is unloaded on the infected computer's desktop. While most encryption ransomware Trojans use this text file to alert the victim of the attack and then include instructions on how to pay a ransom to recover them, the J-Ransom Ransomware does not do such thing. Rather, the J-Ransom Ransomware simply displays the following message on the victim's computer:

'Hey you !! Congratulations. Your fucking files are all encoded'

Dealing with the J-Ransom Ransomware Infection

It's possible that the J-Ransom Ransomware infection is still in an unfinished state. One reason to believe this is that the J-Ransom Ransomware does not provide any contact or payment method, meaning that victims have no way of paying the ransom (defeating the whole purpose of ransomware attacks like the J-Ransom Ransomware). A variant of the J-Ransom Ransomware may display a pop-up window asking the victim to enter a password to decrypt the files. Curiously, this variant will often respond to the password 'password,' giving some computer users a possible way to undo the damage caused by the J-Ransom Ransomware. However, it is very unlikely that this will continue to be the case as new variants of the J-Ransom Ransomware are released. Because of this, take precautionary measures to ensure that your data is protected against this threat.

The best precaution against threats like the J-Ransom Ransomware is to have a reliable security program installed and file backups on an external memory device or the cloud. File backups will make you completely invulnerable to attacks like the J-Ransom Ransomware. Learning to handle spam email messages safely also is an essential part of protecting yourself against these infections.


Most Viewed