
DataKeeper Ransomware

Posted: February 23, 2018

The DataKeeper Ransomware is a Trojan that locks your files with encryption so that it can collect Bitcoins from selling the decryptor. As a Ransomware-as-a-Service Trojan, the DataKeeper Ransomware may be distributed in different ways by different individuals, although spam e-mail is a particularly popular choice. Minding your network's security, having reliable backups, and using anti-malware products for blocking or removing the DataKeeper Ransomware are the three defenses most relevant to this threat.

The Program Keeping Your Files Away from You

Trojan campaigns aren't always tightly maintained projects run by a single, experienced team of threat actors. In fact, this is rarely the case with file-locking Trojans such as the new DataKeeper Ransomware, which displays the ongoing profitability of an opposing business model. The DataKeeper Ransomware's authors are using Ransomware-as-a-Service to distribute variants of their Trojan to any other cybercrooks willing to undertake the risks and, most likely, are profiting only passively, by collecting a percentage of any ransoms.

The unknown threat actors maintaining the DataKeeper Ransomware are hosting its executable generator on a DarkNet website with no upfront fee for generating a custom variant. Some of the features advertised thus far include:

  • Custom, secure data-encrypting attacks use combinations of AES and RSA algorithms to block the victim's files.
  • The ransom that the DataKeeper Ransomware demands from victims for 'purchasing' a file-unlocking program is configurable, but always uses Bitcoins, thereby preventing the user from getting refunds in cases of fraud.
  • The DataKeeper Ransomware doesn't require a C&C server for its payload and can block the PC's media without any network connection.
  • The DataKeeper Ransomware can erase some types of backup or system restoration data such as Windows Restore Points.
  • The Trojan also supports attacking any network-shared folders, which makes it particularly capable of compromising non-secure server setups.

The types of data that the DataKeeper Ransomware locks are also fully configurable; malware analysts note that Microsoft Office documents, images, and Adobe PDF documents are the most frequently targeted formats.

Taking Steps to Secure Your Data from the RaaS Industry

The nature of Ransomware-as-a-Service makes the distribution exploits of the DataKeeper Ransomware highly flexible. E-mail attachments, browser-based threats like the Nebula Exploit Kit, and brute force attacks targeting specific, non-secure networks are the infection vectors that malware analysts judge as being most relevant this year. Users can protect their PCs by maintaining robust passwords, avoiding enabling scripts or advertisements in their browser, and scanning any downloaded files with appropriate security software.

The DataKeeper Ransomware's encryption routine is tentatively rated as unlikely to be decryptable by freeware methods. Although any victims can contact anti-malware researchers with cryptography experience for second opinions, backups are always the most reliable fail-safe against Trojans that encrypt your media. A traditional anti-malware program may also delete the DataKeeper Ransomware before it launches its file-enciphering attack.
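
Backups only help if a backup job has not already overwritten good copies with locked ones. The following is an added example, not code from this article or from any vendor: a pre-backup check that looks for the normal file signatures of the formats named above as most frequently targeted (Office, images, PDF). It assumes that locked files keep their extension and lose their original header, which the article does not confirm for this Trojan; the function names and the 5% threshold are hypothetical.

```python
from pathlib import Path
import tempfile

# Standard leading bytes for the formats the article lists as most targeted.
ZIP, OLE = b"PK\x03\x04", b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"
SIGNATURES = {
    ".pdf": b"%PDF-", ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff",
    ".docx": ZIP, ".xlsx": ZIP, ".pptx": ZIP,   # OOXML files are ZIP containers
    ".doc": OLE, ".xls": OLE, ".ppt": OLE,      # legacy Office compound files
}

def header_ok(path):
    """True/False for a checked extension, None for types this check ignores."""
    sig = SIGNATURES.get(path.suffix.lower())
    if sig is None:
        return None
    with path.open("rb") as fh:
        return fh.read(len(sig)) == sig  # empty or truncated files count as damaged

def scan(root):
    """Return (files_checked, relative paths whose header no longer matches)."""
    checked, damaged = 0, []
    for path in sorted(Path(root).rglob("*")):
        ok = header_ok(path) if path.is_file() else None
        if ok is None:
            continue
        checked += 1
        if not ok:
            damaged.append(str(path.relative_to(root)))
    return checked, damaged

def safe_to_rotate(root, max_damaged_ratio=0.05):
    """Gate for a backup job: False means keep the previous generation untouched."""
    checked, damaged = scan(root)
    return checked == 0 or len(damaged) / checked <= max_damaged_ratio

def demo():
    """Constructed sample tree: two intact files, one with a destroyed header."""
    samples = {"report.pdf": b"%PDF-1.7\n", "budget.xlsx": ZIP + bytes(20),
               "scan.jpg": b"\x9c\x41\xe0\x7b" * 16, "notes.txt": b"not checked"}
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            Path(root, name).write_bytes(data)
        return scan(root) + (safe_to_rotate(root),)

if __name__ == "__main__":
    print(demo())
```

If locked files were renamed instead, they would show up as a sharp drop in the checked count between runs rather than as damaged headers, so a backup job should record that count as well.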

RaaS is an efficient distribution of labor for a con artist-programmer. It lets Trojans like the DataKeeper Ransomware become more widely distributed than ever, without much work on the part of the individuals involved. PC owners should remember this fact, and always assume that there's a risk of data loss whenever they browse the Web unsafely.