
DBL Ransomware

Posted: February 13, 2019

The DBL Ransomware is a new version of Hidden Tear, a previously-public file-locker Trojan project. After locking your media, which can include images, documents, and many other formats, the DBL Ransomware will create ransoming messages demanding Bitcoins for the unlocker. Let your anti-malware products delete the DBL Ransomware and, if available, use backups for restoring any content.

Getting Wrecked in Brand-New Ways

As gaming becomes more mainstream than ever, the slang around it likewise comes into the common vernacular. The next Hidden Tear variant isn't very different from others like the Israbye Ransomware, the SymmyWare Ransomware, the EbolaRnsmwr Ransomware, the KoreanLocker Ransomware or the Foxy Ransomware. What the DBL Ransomware does boast, however, is a passing grasp of gaming lingo.

The DBL Ransomware and other Hidden Tear variants encrypt files using an AES algorithm and show no obvious symptoms while locking documents, pictures and other media. To complete the attack, the DBL Ransomware appends a 'rekt' extension to the names of the locked files as an identifier and drops Notepad messages for its ransom note. That second component provides Bitcoin-based payment instructions for the decryptor, which malware experts discourage following. Many versions of Hidden Tear are freely decryptable. As of February 13th, no payments are in the threat actor's wallet.

While the DBL Ransomware is a Windows program and its payload presumes an English-speaking victim, there are few other prerequisites to its installation. Unless the threat actor adds more modifications, the 32-bit executable should be identifiable by most brands of anti-malware programs. The DBL Ransomware samples that malware experts can access have no digital signatures, code obfuscation, or other defenses or disguises.

Pulling Your Files Out of the Wreckage

Replacing the ransom note is the defining update that the DBL Ransomware's development offers. Victims may have some luck with restoring their files through freeware decryption services for this family, such as the Hidden Tear Brute Forcer and the Hidden Tear Decryptor. Nonetheless, the criminals can easily add extra security to an encryption feature at any time. Backing up your work so that you have a reliable recovery option is always the best choice for media like workplace or personal-life documents.
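As an added example (not code from this page or from any tool it names), the sketch below inventories files carrying the 'rekt' extension described above and checks which of them have a clean copy in a backup. It assumes the extension is appended as `.rekt` after the original name and that the backup folder mirrors the affected folder's layout; the function names and sample files are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

LOCKED_SUFFIX = ".rekt"  # extension named on the page; the leading dot is an assumption


def plan_restore(affected_root, backup_root):
    """Pair each locked file with a backup copy of its original, if one exists.

    Assumption: backup_root mirrors the directory layout of affected_root.
    Returns (restorable, missing), each a sorted list of (locked_path, backup_or_None).
    """
    affected_root, backup_root = Path(affected_root), Path(backup_root)
    restorable, missing = [], []
    for dirpath, _dirs, files in os.walk(affected_root):
        for name in files:
            lowered = name.lower()
            # Skip untouched files and a file literally named ".rekt" (no original name).
            if not lowered.endswith(LOCKED_SUFFIX) or lowered == LOCKED_SUFFIX:
                continue
            locked = Path(dirpath) / name
            # Strip only the appended suffix: "report.docx.rekt" -> "report.docx"
            original = name[:-len(LOCKED_SUFFIX)]
            backup = backup_root / locked.relative_to(affected_root).with_name(original)
            if backup.is_file():
                restorable.append((locked, backup))
            else:
                missing.append((locked, None))
    return sorted(restorable), sorted(missing)


def build_constructed_sample(base):
    """Create a small constructed directory tree; no real samples are involved."""
    live, backup = Path(base) / "live", Path(base) / "backup"
    (live / "docs").mkdir(parents=True)
    (backup / "docs").mkdir(parents=True)
    (live / "docs" / "report.docx.rekt").write_bytes(b"constructed ciphertext")
    (live / "photo.jpg.rekt").write_bytes(b"constructed ciphertext")
    (live / "notes.txt").write_text("untouched file")
    (backup / "docs" / "report.docx").write_text("clean copy")
    return live, backup


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        live_dir, backup_dir = build_constructed_sample(tmp)
        ok, lost = plan_restore(live_dir, backup_dir)
        for locked, src in ok:
            print(f"restorable from backup: {locked} <- {src}")
        for locked, _ in lost:
            print(f"no backup copy found:   {locked}")
```

The script only reports; copying the backup over the locked file is left as a separate, deliberate step after the Trojan itself has been removed.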

Malware experts' reports on the DBL Ransomware's installers show them making no attempts at disguising themselves. Future attacks could use fake invoices attached to spam e-mails, torrents for triple-A games or movie franchises, or drive-by-download threats like the Nebula Exploit Kit. Disabling scripts and Flash while browsing the Web, and having anti-malware products scan files to find and remove the DBL Ransomware proactively, are always-relevant security steps.

The DBL Ransomware wants nothing more than fifteen dollars for its ransom, but it's still a payment that comes with danger attached. Helping the profits of file-locking campaigns always has one outcome: guaranteeing more attacks in the future as the threat actors repeat their crimes.
