DavesSmith Ransomware

Posted: October 28, 2019

The DavesSmith Ransomware is a file-locking Trojan that can encrypt your files and stop them from opening. Since the strength of its encryption isn't known, users shouldn't presume the availability of freeware decryptors. Compensate with appropriate backup practices and the presence of anti-malware programs for removing the DavesSmith Ransomware immediately.

Seasoned Criminals Hiring Mister Smith for Dirty Work

A threat actor with a history of using the Globe Imposter 2.0 Ransomware family is switching to a new Trojan, albeit one with very familiar attacks. The brand-new threat, the DavesSmith Ransomware, isn't a product of a well-known Ransomware-as-a-Service, and malware researchers aren't sure of its encryption strength. What's less mysterious is the DavesSmith Ransomware's attack procedure, which involves blocking files and demanding Bitcoins, like most of its kind.

The DavesSmith Ransomware is victimizing Windows systems and is targeting English speakers, according to the language of its ransom note. Current estimates are that its encryption is AES-based, and it uses it to block files such as documents, pictures, music or other media. Although malware experts are confirming that the Trojan adds '[Daves.smith@aol.com]' into the filenames, they're unsure if it also injects any additional extensions. This e-mail address is highly relevant since its last known usage was in deploying a variant of Globe Imposter 2.0 Ransomware.
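For incident triage, the filename marker above can be used to inventory affected files. The following is an added example, not code from the original article: it walks a directory tree, matches the marker case-insensitively anywhere in the filename (since any extra extension is unknown), and reports hit counts per directory plus the modification-time window. It assumes the Trojan does not preserve original timestamps; the function names and sample tree are constructed for illustration.

```python
import os
import tempfile
from collections import Counter
from datetime import datetime, timezone

# Filename marker reported on this page; matched case-insensitively.
MARKER = "[daves.smith@aol.com]"

def find_marked_files(root):
    """Return (path, mtime) for every file under root whose name contains the marker."""
    hits = []
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            if MARKER in name.lower():
                path = os.path.join(dirpath, name)
                try:
                    hits.append((path, os.lstat(path).st_mtime))
                except OSError:
                    continue  # file vanished or unreadable; skip it
    return hits

def summarize(hits):
    """Count hits per directory and bound the modification-time window."""
    per_dir = Counter(os.path.dirname(p) for p, _ in hits)
    times = [t for _, t in hits]
    window = (min(times), max(times)) if times else None
    return per_dir, window

def build_sample_tree(root):
    """Constructed sample data: two marked files and one clean file."""
    os.makedirs(os.path.join(root, "docs"))
    names = ["docs/report.docx[Daves.smith@aol.com]",
             "docs/photo[DAVES.SMITH@AOL.COM].jpg",
             "docs/notes.txt"]
    for i, rel in enumerate(names):
        path = os.path.join(root, rel)
        with open(path, "wb") as fh:
            fh.write(b"sample")
        os.utime(path, (1572220800 + i * 60, 1572220800 + i * 60))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        per_dir, window = summarize(find_marked_files(tmp))
        for d, n in per_dir.items():
            print(f"{n} marked file(s) in {d}")
        if window:
            first, last = (datetime.fromtimestamp(t, timezone.utc) for t in window)
            print(f"modified between {first:%Y-%m-%d %H:%M} and {last:%Y-%m-%d %H:%M} UTC")
```

The earliest modification time gives a lower bound for when encryption started, which helps pick a clean backup to restore from.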

Although the DavesSmith Ransomware doesn't use the same encryption method as that family, it has a similar ransom note, which conveys the threat actor's demands in text. While malware researchers don't discourage using the free trial offer, victims should avoid paying for unlocking help. Many criminals will take their payment and cut off communications afterward, thanks to the non-refundable nature of cryptocurrencies, vouchers, etc.

Sending Smith Back Out the Door

Users should always keep backups secured on one or more additional devices. Doing so before a Trojan infection occurs makes it possible to recover any files quickly and without paying for the privilege. Media formats are most at risk from a file-locking Trojan, although there are no hard technical barriers stopping the DavesSmith Ransomware from blocking anything, including executables or other 'essential' files.

Consensual but misinformed downloads, such as illicit torrents or mislabeled e-mail attachments, are common denominators in many file-locker Trojans' campaigns. Besides the always-relevant advice of refusing unlawful software and other files, malware experts encourage turning off RDP features, using secure passwords, and not enabling macros inside of programs like Word or Excel. Software updates can provide further fixes that stop attackers from using well-known vulnerabilities in drive-by-download attacks. What prompted the switchover from a 'proven' Trojan to an untested one like the DavesSmith Ransomware is a riddle worth solving. Until the security industry does so, the DavesSmith Ransomware's campaign will remain an open but unread book.