STOP-Browec Ransomware

The STOP-Browec Ransomware Trojan is a variant in the STOP Ransomware family, a ransomware family that has dozens of variants, most released in 2018 and 2019. The STOP-Browec Ransomware variant was released on April 12, 2019, and is marked as 'version v066,' which suggests that there were 65 previous versions of this malware threat. Like most STOP Ransomware variants, the STOP-Browec Ransomware carries out a typical encryption ransomware Trojan, using a strong encryption algorithm to make the victim's files unreachable so that it can demand a ransom payment in exchange for the decryption key.

The STOP-Browec Ransomware Attacks Your Files

The STOP-Browec Ransomware Trojan searches for the user-generated files on the infected computer device, which may include files with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The STOP-Browec Ransomware then uses the AES and RSA encryptions to make the victim's files completely inaccessible, storing the decryption key away from the victim's reach. Once the victim's files have been compromised, the STOP-Browec Ransomware delivers a ransom note in a text file named '_readme.t,' which contains the following message for the victim:

'ATTENTION!
Don't worry my friend, you can return all your files!
All your files like photos, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-1LFQOfI0Se
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" folder if you don't get answer more than 6 hours.

Your personal ID:
[random characters]'

The files encrypted by the STOP-Browec Ransomware are marked with the file extension '.browec,' added to the compromised file's name.

Protecting Your Data from Threats Like the STOP-Browec Ransomware

The best protection against threats like the STOP-Browec Ransomware is to have backup copies of your data. File backups can be used to replace any files compromised by the STOP-Browec Ransomware attack. Apart from file backups, it also is recommend that computer users use an anti-malware program that is fully up-to-date to prevent threats like the STOP-Browec Ransomware from carrying out their attacks in the first place.