DEDCryptor Ransomware
Posted: June 16, 2016
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 10/10 |
---|---|
Infected PCs: | 3 |
First Seen: | June 16, 2016 |
---|---|
OS(es) Affected: | Windows |
The DEDCryptor Ransomware is a Trojan that holds your personal data hostage through an encryption-based attack, while using your desktop for conveying its ransom message. Responding to its extortion requests may not result in your acquiring a decryption solution necessarily, and malware researchers always emphasize preemptive data protection preferentially. Whether or not you can save the encrypted data, always remove the DEDCryptor Ransomware with the assistance of an anti-malware technology that can detect all associated threats.
Hosting a Greedy Santa in Your Hard Drive
Major varieties of ransomware, lock screen Trojans, and threatening file encryptors specialize in specific regions ordinarily, most likely for pure ease of coding purposes. However, being endemic to one particular region doesn't mean that a threat can't attack different countries necessarily, as can be surmised with the DEDCryptor Ransomware. This Trojan's ransom method includes communications targeting both native Russian speakers and English ones.
In its other aspects, the DEDCryptor Ransomware conducts a standard data-ransoming campaign by way of encryption.The DEDCryptor Ransomware scans for file types including TXT, DOC, PDF, XML and JPG, increasing the probability of affecting valuable information while keeping the overall encryption time minimal. The encryption process uses an AES-256 algorithm, with a 32-character password generated uniquely per infection. Trying to open an encrypted file will return uninterpretable content while the means of encryption guarantees that PC users can't decrypt their content without great difficulty.
The DEDCryptor Ransomware's only ransom message is an image file that it locks onto the desktop wallpaper, displaying instructions along with a picture of an 'evil' Santa Claus. Malware experts found its 2 Bitcoin fee to be significantly higher than average for this type of threat, a sum equivalent to well over a thousand USD.
Resurrecting Your Files from the Dead
The DEDCryptor Ransomware's perpetrators demand a steep amount of money for providing a decryption service that may or may not prove itself viable, and even limit their victims to responding within twenty-four hours. Although it would be natural to panic under such time pressure, malware experts stress the traditional drawbacks of paying a Trojan's ransom, which usually accomplishes little more than funding threats development. Victims without other resources can provide samples to anti-malware organizations to assist with research into developing free decryptors.
Even without a decryptor, simple means of protecting your hard drive's contents can keep the DEDCryptor Ransomware from rendering permanent damage to any files. Cloud backups and remote device backups are the traditional recommendations for dealing with similar Trojans and all other threats that may attack your PC's files directly. None of the content encrypted by the DEDCryptor Ransomware includes default Windows components, meaning that the overall operating system should be able to continue functioning as usual.
Despite the above silver lining, malware experts sometimes see Trojans like the DEDCryptor Ransomware bundling themselves with spyware, Bitcoin miners and other threats. Using your anti-malware products for removing the DEDCryptor Ransomware also should provide some level of protection from related infections. Although the DEDCryptor Ransomware is newly-identified, defeating this 'bad Santa' still comes down to proven, reliable PC security tactics.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.