1dec Ransomware Description
The 1dec Ransomware is a file-locking Trojan that's part of the Dharma Ransomware family, a Ransomware-as-a-Service. Family members block your files, including digital media like documents, and extort money for their unlocking service. Users with secure backups have protection from most of the effects of infections, and good anti-malware programs will proactively remove the 1dec Ransomware.
An Out-of-Season December Incoming
The often-randomly-named Dharma Ransomware family boasts such members as the Devil Ransomware, the firstname.lastname@example.org Ransomware, the Prnds Ransomware, and the Wiki Ransomware, and is turning to seasons of the year for a recently-unfurled campaign. The 1dec Ransomware is, despite its name, arriving on the threat landscape in early August. In analyzing it, malware analysts confirm all the 'usual suspects' for its features, wrapped in a fake Windows component for a hiding place.
The 1dec Ransomware's samples pose as Windows 'explorer' files. The disguise might be part of their distribution tactic, but it is more likely a way of avoiding attention while encrypting media. The family uses an extremely well-analyzed and, unfortunately, secure encryption routine for locking files that match the formats in its white list. Most victims experience a 'locking' of their documents, pictures, music, databases, spreadsheets, archives and slideshows.
The 1dec Ransomware's extension, which it appends to the ends of these files' names, is nearly the only other differentiating factor between it and its dozens of familial counterparts. Besides these attacks, the 1dec Ransomware can delete the Shadow Volume Copy or the Restore Point backups, create ransom notes (such as a highly-visible pop-up), and create a unique ID for negotiations with the attacker over buying the unlocking service.
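The three behaviors described above (a fake 'explorer' image, backup deletion, and an extension appended after the original one) can each be checked in endpoint telemetry. The following is an added example, not code from this write-up or from any vendor tool; the process list, file names, and the `example-locked` suffix are constructed, and the shadow-copy commands are the stock Windows tools, which the description itself does not name.

```python
import ntpath
import re
from collections import Counter

# Real locations of the Windows shell binary; any other explorer.exe is suspect.
LEGIT_EXPLORER = {r"c:\windows\explorer.exe", r"c:\windows\syswow64\explorer.exe"}
# Assumption: stock Windows commands that remove Shadow Volume Copies.
SHADOW_DELETE = re.compile(
    r"\bvssadmin(\.exe)?\s+delete\s+shadows|\bwmic(\.exe)?\s+shadowcopy\s+delete", re.I)
# A known media extension followed by extra text, however many parts it has.
MEDIA_THEN_MORE = re.compile(r"\.(docx|xlsx|pptx|pdf|jpg|mp3|zip|sql)\..+$")

def triage_processes(processes):
    """Return (pid, reason) for fake 'explorer' images and backup deletion."""
    findings = []
    for proc in processes:
        image = proc["image"].lower()
        if ntpath.basename(image) == "explorer.exe" and image not in LEGIT_EXPLORER:
            findings.append((proc["pid"], "explorer.exe outside the Windows directory"))
        if SHADOW_DELETE.search(proc["cmdline"]):
            findings.append((proc["pid"], "shadow copy deletion"))
    return findings

def appended_extension_clusters(filenames, threshold=3):
    """Count final extensions that were added after a media extension."""
    counts = Counter()
    for name in filenames:
        lowered = name.lower()
        if MEDIA_THEN_MORE.search(lowered):
            counts[ntpath.splitext(lowered)[1]] += 1
    # A single renamed file is noise; many files sharing one new suffix is not.
    return {suffix: n for suffix, n in counts.items() if n >= threshold}

# Constructed sample telemetry (not taken from a real incident).
SAMPLE_PROCESSES = [
    {"pid": 812, "image": r"C:\Windows\explorer.exe",
     "cmdline": r"C:\Windows\explorer.exe"},
    {"pid": 4120, "image": r"C:\Users\alice\AppData\Roaming\explorer.exe",
     "cmdline": "explorer.exe"},
    {"pid": 4388, "image": r"C:\Windows\System32\vssadmin.exe",
     "cmdline": "vssadmin delete shadows /all /quiet"},
]
SAMPLE_FILES = ["budget.xlsx.example-locked", "photo.jpg.example-locked",
                "notes.docx.example-locked", "slides.pptx", "backup.tar.gz"]

if __name__ == "__main__":
    for pid, reason in triage_processes(SAMPLE_PROCESSES):
        print(pid, reason)
    print(appended_extension_clusters(SAMPLE_FILES))
```
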
Sweeping Back Old Winter Software for Another Year
Users paying the 1dec Ransomware's decryption ransom are gambling on a service that may return nothing, and they advance the long-term interests and infrastructure of the Ransomware-as-a-Service industry. RaaSes and their many variant campaigns, like the 1dec Ransomware, are easy to defend against, as long as Windows users keep their media backed up with solutions such as USB drives or cloud services. These infections also pose risks of collecting data, leaking confidential information to the public or compromising network-connected devices.
As a final defense, stalwart anti-malware programs will flag members of the Dharma Ransomware family, a years-old and thoroughly-examined RaaS. If protected by these security solutions, users should detect and remove the 1dec Ransomware through them before their files come under fire.
With changing weather patterns, predicting the bite of winter or heatwaves is becoming more problematic, but Trojans like the 1dec Ransomware are always in season. Since that's the case, one can easily compare not having a backup or security services to walking into a storm without an umbrella.