'.dian File Extension' Ransomware

Posted: September 14, 2017

The '.dian File Extension' Ransomware is a Trojan that can block your files by encrypting them, an attack that threat actors may use to negotiate ransom payments for restoring them. Because decryption through software endorsed by the con artists often fails or is fraudulent, victims of a '.dian File Extension' Ransomware attack should try restoring their media through any other methods available to them. Anti-malware programs capable of uninstalling similar file-locking threats may also remove the '.dian File Extension' Ransomware from your PC safely.

The Further Extension of a Grafted-On Family Branch

This summer's DCry Ransomware is a relatively unremarkable file-encrypting Trojan that is meaningful to malware analysts primarily for using a brand label that imitates threats like the WannaCryptor Ransomware. Despite that, its threat actors, or others with access to the same resources, have been productive since June. A recently appearing variant of the Trojan, the '.dian File Extension' Ransomware, shows all of the same capabilities for locking files for money.

After launching, the '.dian File Extension' Ransomware encrypts the local contents of the infected PC using a cipher such as AES-128. While malware analysts have yet to confirm any changes in the encoding method, the '.dian File Extension' Ransomware does append '.dian' extensions to the names of its locked content instead of the DCry Ransomware's '.dcry' string. This attack usually impacts formats that include pictures (such as JPG or GIF), documents (DOC, TXT, or PDF), archives, local Web pages, spreadsheets and slideshows.
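The appended extension is the most practical marker for scoping damage before restoring from backup. The following Python sketch is an added example, not code from this page or from any decryption tool. It takes a file listing, picks out names ending in '.dian' or '.dcry', and reports the name to restore and the affected format group per directory. It assumes the extension is appended after the original file name; the extensions for archives, Web pages, spreadsheets and slideshows, and the sample listing, are constructed for illustration.

```python
from collections import Counter
from pathlib import PureWindowsPath

# Extensions named on the page: '.dian' (this variant) and '.dcry' (DCry Ransomware).
LOCKED_SUFFIXES = {".dian", ".dcry"}

# JPG, GIF, DOC, TXT and PDF are named on the page; the remaining
# extensions are assumed representatives of the groups it lists.
FORMAT_GROUPS = {
    ".jpg": "picture", ".gif": "picture",
    ".doc": "document", ".txt": "document", ".pdf": "document",
    ".zip": "archive", ".html": "web page",
    ".xls": "spreadsheet", ".ppt": "slideshow",
}


def triage(paths):
    """Return (records, per_directory_counts) for files with a locked suffix."""
    records = []
    per_dir = Counter()
    for raw in paths:
        p = PureWindowsPath(raw)
        variant = p.suffix.lower()
        if variant not in LOCKED_SUFFIXES:
            continue  # untouched file, nothing to restore
        original = p.with_suffix("")  # strip only the appended extension
        group = FORMAT_GROUPS.get(original.suffix.lower(), "other")
        records.append({
            "locked": str(p),
            "restore_as": original.name,  # name to look for in the backup set
            "variant": variant,
            "group": group,
        })
        per_dir[str(p.parent)] += 1
    return records, per_dir


# Constructed sample listing (not taken from a real incident).
SAMPLE_LISTING = [
    r"C:\Users\alice\Pictures\holiday.JPG.dian",
    r"C:\Users\alice\Documents\budget.xls.dian",
    r"C:\Users\alice\Documents\notes.txt",
    r"C:\Users\alice\Documents\contract.pdf.dcry",
    r"C:\Users\alice\Documents\readme.dian",
]

if __name__ == "__main__":
    found, by_dir = triage(SAMPLE_LISTING)
    for rec in found:
        print(rec["variant"], rec["group"], rec["restore_as"], sep="\t")
    for directory, count in by_dir.most_common():
        print(count, directory)
```

Directories with the highest counts are the ones to check against backups first; files that map to "other" had no recognizable original extension and need manual review.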

The '.dian File Extension' Ransomware may also generate text messages or Windows message boxes displaying its ransom demands. Past attacks from the same Trojan family give the victim little information for decrypting their files other than a request to contact the threat actor's email address. However, malware experts did catch one minor internal change: a string directly referencing cyber security researcher Michael Gillespie, implying that the '.dian File Extension' Ransomware's author is actively monitoring the PC security community's response to his threat.

Dying to Keep the 'Dian' Extension out of Your Files

The '.dian File Extension' Ransomware's threat actor is using still-unknown strategies for distributing this update to the DCry Ransomware. Some of the most representative exploits that malware experts connect to file-locking Trojans like this one include:

  • Spam email messages may carry installers for the '.dian File Extension' Ransomware inside of attachments, including documents with embedded vulnerabilities.
  • Threat actors could drop this threat on a server manually after targeting it with brute-force attacks to gain remote access. This style of attack is most typical against unprotected business, NGO or government networks.
  • Small-time campaigns like the '.dian File Extension' Ransomware's attacks also may circulate throughout torrent networks or fake download websites, where they disguise their files as being popular movies, music or gaming content.

Decryption software for the DCry Ransomware is free but may require updating to achieve full compatibility with any files that the '.dian File Extension' Ransomware locks. Always use these freeware alternatives, when possible, instead of paying a ransom, or keep backups that make decrypting your media unnecessary. Any anti-malware programs proven against this Trojan's family may also uninstall the '.dian File Extension' Ransomware, in most circumstances, before it begins to block any of your content.

While the cat-and-mouse games between those who research threatening software and those who make it continue, victims on the sidelines will need to keep taking precautions for preserving their files. The cost of not doing so, particularly during a '.dian File Extension' Ransomware infection, remains potentially higher than one might assume.