
DMR Ransomware

Posted: December 13, 2019

The DMR Ransomware is a file-locker Trojan that blocks digital media on your computer and holds it for ransom. Its development includes resources devoted to drive-scanning features that may facilitate network traversal or the compromise of removable devices, along with default drives. Users should keep secure backups for their files' safety and keep professional anti-malware technology on hand for deleting the DMR Ransomware.

The Newest Trojan Whose Ransoms will Give You Deja Vu

Between the vast, pre-established families of Ransomware-as-a-Service businesses, smaller competitors appear from time to time. However, they usually see no need to reinvent the wheel and readily borrow elements of more recognizable Trojans. The DMR Ransomware is just such a threat: it delivers ransom notes taken from other families, along with hostile data encryption.

The DMR Ransomware, or 'The DMR Encrypter,' as its internal data dubs it, is a Windows application, like the Globe Ransomware and the Crysis Ransomware families that it closely resembles. It locks the system's digital media, such as documents, with encryption that malware researchers are rating as secure, for now. Besides preventing these files from opening, the DMR Ransomware also prepends an ID for the victim and adds a new extension with its acronym afterward.

The ransom note, an HTA or advanced Web page, is where the bulk of the DMR Ransomware's 'borrowing' appears. It uses a slightly changed variant of a similar note from the Crysis Ransomware, with different colors and, of course, a new e-mail address. Other elements of its ransoming instructions are traditional: Bitcoin demands without a specific price, 'free' decryption for just one file, and a one-week deadline for pressuring victims into making quick payments.

How a Little Trojan can Get to a Big Payday

Notably, the DMR Ransomware's author is also developing code for a drive-scanning feature that may become part of the DMR Ransomware as a semi-independent module, a built-in feature or a separately installable program. The potential abuses of such a feature in a file-locking Trojan are plain, including:

  • Attackers could use the feature for compromising shared drives on local networks.
  • The DMR Ransomware could encrypt or delete files on external backup hardware that is still connected.
  • Removable devices can be compromised as well, and could potentially spread infections if the owner inserts them into other PCs.

The most significant application of such exploits remains the infection and ransoming of business and government networks. Still, any PC user's digital media can suffer harm from the DMR Ransomware's file-locking function.

Users can protect themselves by setting up appropriate security, such as limiting RDP usage, closing ports that don't need to be open, and using passwords that are reasonably resistant to brute-force guessing. Anti-malware utilities from most companies also should remove the DMR Ransomware immediately after detection.

The DMR Ransomware might be the start of a whole new family of profit-seeking Trojans or a one-shot fluke project. Either way, it's another addition to an army of Trojans that virtually demand that you back up your files, or else.
