Posted: May 3, 2019

The Dutan Ransomware is a variant of the STOP Ransomware, and its victims will not be able to rely on a free decryptor to assist them with the recovery of their files. Threats like this one are often propagated via bogus email attachments, with the accompanying message designed to look as if it comes from a legitimate sender. The attachment, however, is likely to serve a single purpose: to deploy the Dutan Ransomware’s files and set off its dangerous attack.

When the Dutan Ransomware is started on a compromised computer, it may immediately begin to encrypt files in a huge variety of formats, making it impossible to access or restore their contents. Naturally, its primary targets are documents, spreadsheets, pictures, and videos, since these file formats are likely to contain valuable information. Whenever it locks a file, the Dutan Ransomware changes its name by appending the ‘.dutan’ extension. For example, the locked version of the file ‘document.docx’ would be named ‘document.docx.dutan’.

After the attack is complete, the Dutan Ransomware drops the file ‘_readme.txt’, which contains the attackers’ message. Unsurprisingly, they demand a hefty ransom payment in exchange for decryption software that can help the victims get their files back. Keep in mind that the existence of the decryptor is not proven, and sending money to the attackers can be a risky endeavor since you may end up losing both your money and your files.

The attackers use the email address gorentos@bitmessage.ch for contact, but we advise you to refrain from getting in touch with them. The right way to proceed if your files have been locked by the Dutan Ransomware is to use a reputable anti-virus scanner to eliminate the threatening program. Once this task is complete, you should look into third-party data recovery options and software since they may sometimes be able to undo some of the damage done by ransomware.
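
The two traces described above (the appended ‘.dutan’ extension and the ‘_readme.txt’ note) are enough to scope the damage before cleanup and recovery. The following read-only Python script is an added example, not part of the original article; the sample tree it builds is constructed, and reading file modification times as the encryption window is an assumption.

```python
import os
import tempfile
from collections import Counter
from datetime import datetime, timezone

LOCKED_EXT = ".dutan"      # extension appended to locked files (from the article)
NOTE_NAME = "_readme.txt"  # ransom note file name (from the article)

def triage(root):
    """Walk root and summarise traces of the attack without modifying anything."""
    locked, notes, per_dir = [], [], Counter()
    first = last = None
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            path = os.path.join(dirpath, name)
            lower = name.lower()
            if lower == NOTE_NAME:
                notes.append(path)  # may also match an unrelated file of this name
            elif lower.endswith(LOCKED_EXT) and len(name) > len(LOCKED_EXT):
                try:
                    mtime = os.stat(path).st_mtime
                except OSError:
                    continue  # unreadable entry: skip rather than abort the scan
                locked.append((path, name[:-len(LOCKED_EXT)]))  # (path, original name)
                per_dir[dirpath] += 1
                # Assumption: mtime reflects when the file was locked.
                first = mtime if first is None else min(first, mtime)
                last = mtime if last is None else max(last, mtime)
    return {"locked": locked, "notes": notes, "per_dir": per_dir, "window": (first, last)}

def build_sample_tree(root):
    """Constructed sample data: a tiny tree that mimics the described traces."""
    docs = os.path.join(root, "Documents")
    os.makedirs(docs)
    for name in ("document.docx.dutan", "budget.xlsx.dutan", "notes.txt", NOTE_NAME):
        with open(os.path.join(docs, name), "w") as fh:
            fh.write("constructed sample\n")
    return docs

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        report = triage(tmp)
        print(f"locked files: {len(report['locked'])}, notes: {len(report['notes'])}")
        for directory, count in report["per_dir"].most_common():
            print(f"  {count:5d}  {directory}")
        lo, hi = report["window"]
        if lo is not None:
            to_utc = lambda t: datetime.fromtimestamp(t, timezone.utc).isoformat()
            print(f"modification window (UTC): {to_utc(lo)} .. {to_utc(hi)}")
```

Pointing `triage()` at a mounted copy or backup of the affected volume gives a per-directory count of locked files to compare against what data recovery later restores.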