‘Decipher@keemail.me’ Ransomware

Posted: July 16, 2015

Threat Metric

Threat Level: 10/10
Infected PCs: 87
First Seen: July 16, 2015
Last Seen: January 21, 2022
OS(es) Affected: Windows

The 'Decipher@keemail.me' Ransomware is a file-encrypting Trojan that may render files of popular formats (such as images and text documents) unreadable. As with similar threats, these attacks are intended to coerce the victim into transferring money to the 'Decipher@keemail.me' Ransomware's developers in exchange for a decryption key. Anti-malware solutions can be used to block the 'Decipher@keemail.me' Ransomware's original installers and various delivery methods. However, even after deleting the 'Decipher@keemail.me' Ransomware, additional steps are necessary for recovering your file data.

The Ransomware Without Instructions

The 'Decipher@keemail.me' Ransomware is a likely variant of Cryptowall Ransomware or Rakhni, although its campaigns are much newer than those threats and use as-yet-unconfirmed infection methods. Malware researchers haven't confirmed the source of the 'Decipher@keemail.me' Ransomware installations, but they have noted an apparent absence of e-mail-based attacks. The lack of such attacks could indicate that the 'Decipher@keemail.me' Ransomware is being installed by browser-loaded exploit kits, by freeware bundles or in the payloads of other threats.

The 'Decipher@keemail.me' Ransomware targets files of specific types, including formats such as DOC, JPG, and PDF. These files are encrypted, making them effectively unusable. The Trojan also modifies the file names, inserting the string 'Decipher@keemail.me' along with a unique ID number, which allows victims to identify the affected files. Malware analysts also verified that the 'Decipher@keemail.me' Ransomware attacks files on network-shared locations instead of limiting itself to local files.
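
A triage sketch for the file-name marker described above, added here as an example and not taken from the original article or any vendor tool: it inventories marked files under a local folder or mounted share so a restore from backup can be scoped. The page does not give the exact layout of the renamed files, so the digit-run ID pattern, the sample names and the function names are assumptions.

```python
import os
import re
import tempfile
from collections import Counter

MARKER = "decipher@keemail.me"      # string the page says is inserted into file names
ID_RE = re.compile(r"\d{4,}")       # assumption: the "unique ID number" is a run of 4+ digits
KNOWN_EXTS = ("doc", "jpg", "pdf")  # formats the page names as targeted

def classify(name):
    """Return (candidate_id, original_format) for a marked name, or None if unmarked."""
    lower = name.lower()
    if MARKER not in lower:
        return None
    rest = lower.replace(MARKER, " ")  # keep the marker out of ID/format matching
    found = ID_RE.search(rest)
    tokens = re.split(r"[^a-z0-9]+", rest)
    # Heuristic: the last token that matches a known format is taken as the original type.
    fmt = next((t for t in reversed(tokens) if t in KNOWN_EXTS), None)
    return (found.group(0) if found else None, fmt)

def scan(root):
    """Walk a local folder or mounted share; os.walk skips unreadable directories."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            result = classify(name)
            if result is not None:
                hits.append({"dir": dirpath, "name": name, "id": result[0], "fmt": result[1]})
    return hits

def summarize(hits):
    """Counts per directory, ID and format, for scoping a restore from backup."""
    return {key: Counter(h[key] for h in hits) for key in ("dir", "id", "fmt")}

def build_sample(root):
    """Create constructed (not observed) file names for the demo."""
    names = ["report.doc.id-1234567890_decipher@keemail.me",
             "photo.jpg.id-1234567890_Decipher@keemail.me",
             "notes.txt",
             os.path.join("share", "invoice.pdf.id-1234567890_decipher@keemail.me")]
    os.makedirs(os.path.join(root, "share"))
    for rel in names:
        open(os.path.join(root, rel), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for key, counts in summarize(scan(tmp)).items():
            print(key, dict(counts))
```

Run it against each mapped share as well as local drives, since the article notes that shared locations are affected too.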

Despite these generic tactics, the 'Decipher@keemail.me' Ransomware also shows at least one major divergence from standard file encryption campaigns. Unlike most ransomware, current versions of the 'Decipher@keemail.me' Ransomware don't generate text files that instruct their victims on how to make payments. The 'Decipher@keemail.me' Ransomware also fails to lock the OS desktop or make other, highly visible modifications for promoting its ransom recommendations. However, the e-mail addresses provided in the file name modifications are most likely intended as a channel for ransom-related communications.

Deciphering a Safe Solution to the 'Decipher@keemail.me' Ransomware

Paying third parties through the 'Decipher@keemail.me' address isn't guaranteed to restore your files. However, many PC security companies can offer specialized decryption tools for major threats, including Cryptowall variants like the 'Decipher@keemail.me' Ransomware. Malware researchers also have found most forms of file encryptors to be ineffective at compromising backups in particularly secure locations, such as cloud storage services.

Updating your security software gives it the best chance of detecting and deleting the 'Decipher@keemail.me' Ransomware, along with any threats related to it. Updating your software in general, particularly exploit-rich platforms like Flash, is also ideal for your PC's security. So far, the 'Decipher@keemail.me' Ransomware campaign, for all its newness, shows every sign of relying on software exploits that require neither the victim's consent nor the victim's awareness of the attack.

There is some initial, albeit unconfirmed, evidence that some versions of the 'Decipher@keemail.me' Ransomware may be served via compromised advertising networks, alongside fraudulent warnings for phishing attacks.