Trump Ransomware

Trump Ransomware Description

The Trump Ransomware main function is to lock up files on the victim's computer and then demand a ransom in exchange for a tool that can revert the encryption. The files affected by Trump Ransomware keep their original name. However, the malware appends the extension "[levandos@email.cz].trump" to them. After completing the encryption process, the Trump Ransomware drops a file named "HOW TO RECOVER ENCRYPTED FILES.TXT" in the affected folders. That file contains the following ransom note:

"ATTENTION!

At the moment, your system is not protected.

We can fix it and restore files.

To restore the system write to this address:

levandos@email.cz

Personal ID:….."

The Trump Ransomware belongs to the Scarab Ransomware family. The Trump Ransomware is distributed through deceptive spam emails that contain corrupted links or attachments mainly. Compromised advertisements and torrent websites also could spread the Trump Ransomware. As the Trump Ransomware has a huge damage potential and can install additional data-collecting trojans or other malware on the victim's computer, it is recommended to remove it from your system immediately. The ransom's payment does not guarantee that you will get your data back. Instead, in most cases, it only can be recovered from backups created before the infection.

Related Posts