
Dan@cock.email Ransomware

Posted: June 25, 2018

The Dan@cock.email Ransomware is a file-locking Trojan from the Scarab Ransomware family. PCs compromised by this threat may experience media-focused data encryption that stops the files from opening, the erasure of backups, changes to filenames, and the appearance of ransom messages in high-visibility locations like the desktop. Keep anti-malware software accessible and updated so that it can delete the Dan@cock.email Ransomware immediately, and store backups on other devices for recovering your files.

The Next Bug Gnawing Your Files is Named 'Dan'

The Scarab Ransomware family, one of many groups of file-locking Trojans, has two traits of particular note: a branch that focuses on targeting Russian systems, and a spike in development activity in June of 2018. While malware researchers have seen much older samples of this threat, such as last year's Scorpio Ransomware or the MaxiCrypt Ransomware, new ones like the Dan@cock.email Ransomware remain pertinent to today's threat landscape. The Dan@cock.email Ransomware campaign's distribution exploits, while not yet identifiable, are expected to include either fake e-mail attachments or brute-force attacks.

A standard infection method for the Dan@cock.email Ransomware's family can use brute-force software for cracking logins on business sector systems, or targeted e-mail messages with attached and disguised installers. If it gains access to the PC, the Dan@cock.email Ransomware begins an encryption-based attack that locks the user's files, selecting them according to their formats (such as DOC or JPG) and using an internal AES-256 cipher. Almost all versions of the Dan@cock.email Ransomware's family also include 'salting', or leaving an additional identifier inside of the file's data, which, our malware experts warn, could complicate any 'unlocking' or decryption solution.

The Dan@cock.email Ransomware also may delete the Shadow Volume Copies on the PC securely, which gives the victim no easy way of recovering their media from any local Windows backups. The '.dan@cock.email' extension does allow the user to identify what content is in captivity, but they'll require either free decryption solutions or an external backup for restoring their files safely. Malware researchers can't confirm whether or not the Dan@cock.email Ransomware includes any other name changes, such as converting filenames to Base64.
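
Because the '.dan@cock.email' extension marks what content is in captivity, a responder can size the damage before choosing between a decryptor and a backup restore. The read-only inventory below is an added example, not part of the original article; the function names and the sample file names are assumptions made for the demonstration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

# Extension named in the article; matched case-insensitively.
LOCKED_SUFFIX = ".dan@cock.email"


def inventory_locked_files(root):
    """Count locked files per original format and list affected directories."""
    by_format = Counter()
    affected_dirs = set()
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            if not name.lower().endswith(LOCKED_SUFFIX):
                continue
            original = name[: -len(LOCKED_SUFFIX)]
            # The article cannot confirm whether base names are also rewritten
            # (e.g. to Base64), so the original format may be unrecoverable.
            ext = Path(original).suffix.lower() or "(unknown)"
            by_format[ext] += 1
            affected_dirs.add(dirpath)
    return by_format, sorted(affected_dirs)


def build_sample_tree(root):
    """Constructed sample data: empty files, names invented for the demo."""
    names = [
        "docs/report.doc.dan@cock.email",
        "docs/budget.DOC.dan@cock.email",
        "docs/untouched.doc",
        "pics/photo.jpg.dan@cock.email",
        "pics/cGhvdG8.dan@cock.email",  # base name with no visible format
    ]
    for rel in names:
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.touch()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        counts, dirs = inventory_locked_files(tmp)
        for ext, n in sorted(counts.items()):
            print(f"{ext:10} {n}")
        print(f"{len(dirs)} affected directories")
```

The per-format counts and directory list can then be compared against what the external backup actually covers.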

Keeping Minimalist Trojans from Minimizing Your Data Security

The Dan@cock.email Ransomware's TXT ransom note, which it may leave either on the desktop or in folders with encrypted media, uses a stripped-down version of the format that's popular among modern releases of the Scarab Ransomware. This message provides an e-mail address for negotiating the ransom and an ID number, but no additional information, such as the timing limitations that some versions of the family impose upon their victims. Since the ransoming process carries natural risks of not getting a decryption service that works, malware experts advise avoiding it, especially since some variants of the Scarab Ransomware are compatible with freeware decryptors.

E-mail-based attacks for circulating the Dan@cock.email Ransomware may disguise its installation mechanism within a document's macros or mislabel the file with the wrong extension (for example: 'this-is-a-fake-document.exe.doc'). Most anti-malware products can detect these threats, which use well-known exploits for installing threatening software automatically. Besides preemptively removing the Dan@cock.email Ransomware with appropriate security software, users also should continue monitoring their networks for poor login combinations, open ports and other issues.

The Dan@cock.email Ransomware, along with the '.recme File Extension' Ransomware, upholds the pattern of its family seeing significant development activity in the summer of 2018. Computer users everywhere who would like to see fewer file problems should avoid paying ransoms and protect their media with backups.
