DirtyDecrypt
Posted: September 14, 2013
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Ranking: | 14,747 |
---|---|
Threat Level: | 2/10 |
Infected PCs: | 433 |
First Seen: | September 19, 2013 |
---|---|
Last Seen: | September 1, 2023 |
OS(es) Affected: | Windows |
DirtyDecrypt, so named for the DirtyDecrypt.exe file that is a component of some variants of this PC threat, is a group of diverse ransomware-based Trojans, including multiple types of Police Ransomware Trojans that delivery warning messages specific to different countries. These attacks have a double purpose: simultaneously blocking Windows and also displaying a fake legal alert that requests a money transfer. However, although all known variants of DirtyDecrypt use pop-ups that reference a regional law enforcement agency, DirtyDecrypt is an illegal program and doesn't need to be paid to be removed. Nor should it be paid, as SpywareRemove.com malware researchers emphasize that any paid ransom doesn't necessarily increase your chances of getting an unlock key that would remove DirtyDecrypt from your computer. As always, anti-malware tools should be preferred for deleting DirtyDecrypt in all of its varied forms.
Cleaning Away Misinformation About the DirtyDecrypt Problem
DirtyDecrypt is named for one of its earliest components, an EXE file that often is associated with file encryptor attacks. These attacks have been seen targeting Microsoft Office documents, general image files and Adobe PDF files and rendering them temporarily inaccessible – supposedly until a ransom is paid. New versions of DirtyDecrypt may or may include this attack, which is secondary to DirtyDecrypt's main goal of misinforming the victim about its purpose and acquiring money in the process.
The most recent DirtyDecrypt attacks have spread out of Europe to other regions, including the US and Canada, and tend to trigger off of pornography site advertisements. These advertisements redirect their victims to illegal underage pornographic content and also use a variant of the Styx to install a member of DirtyDecrypt such as the 'Your Internet Service Provider is Blocked' Virus. Afterward, a fake police alert tailored to your IP address's geographical location is put on display and accuses your computer of being used to access the very same illegal content that was promoted by the original advertisement.
Once you ignore the more rather aspects of DirtyDecrypt's campaign, it becomes obvious that DirtyDecrypt's main interest is in acquiring money through its fraudulent legal fee. SpywareRemove.com malware experts always recommend withholding any money or personal information demanded by DirtyDecrypt or any other ransomware-based PC threat, since giving in to these demands has no guarantee of providing you with a solution to a DirtyDecrypt infection. Additionally, it also needs to be stressed that DirtyDecrypt is an illegal Trojan and doesn't have any government authorization behind its attacks.
Why Decryption Needn't Be a Filthy Process of Giving Criminals What They Want
Whether a variant of DirtyDecrypt attacking your computer is a file encryptor or not, there's no real reason to bother paying the ransom DirtyDecrypt demands. As a safe alternative, SpywareRemove.com malware experts suggest disabling DirtyDecrypt with standard security procedures and then using whatever anti-malware programs you prefer to delete DirtyDecrypt. Files that have been encrypted by DirtyDecrypt can be restored from backups or decrypted by various free utilities (which often are provided by various major PC security companies).
Also known by its technical family name of Revoyem, DirtyDecrypt exemplifies the advanced social engineering in use by most modern types of threats that don't try to hide themselves entirely. However, SpywareRemove.com malware research team also notes that, like any attack that starts with your Web browser, having appropriate Web-based protection can shut down a DirtyDecrypt infection before DirtyDecrypt has a chance to begin.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.