Home Malware Programs Ransomware DearCry Ransomware

DearCry Ransomware

Posted: March 15, 2021

Over the past week, Microsoft Exchange Mail Servers have been under attack by a new ransomware family tracked under the name DearCry. The criminals behind the attack campaign are exploiting four new vulnerabilities that Microsoft has already patched – however, users who have failed to update their software may still be at risk of having their systems compromised. The DearCry Ransomware is in no way associated with the WannaCry Ransomware – its creators are simply piggybacking on the popularity of the infamous ransomware family.

The DearCry Ransomware uses a flawless file-locking mechanism, and it targets a wide range of file extensions to inflict maximum damage. It encrypts the contents of the file, and also adds the header 'DEARCRY!' Just like other ransomware, it uses a custom file extension to modify the names of damaged files – 'CRYPT.'

After completing its attack, the DearCry Ransomware drops the ransom note 'readme.txt' on the desktop. It tells the victim to contact konedieyp@airmail.cc or uenwonken@memail.com for assistance. As expected, contacting the attackers is only the start – they will then extort their victim for money by promising to give them access to a decryptor, but only if they agree to pay a ransom fee.

Unfortunately, free decryption is impossible, and the only reliable way to recover the lost files is to recover them via a backup. If a backup is not available, users can explore alternative data recovery options.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to DearCry Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.