
Prandel Ransomware

Posted: August 6, 2019

The Prandel Ransomware is a file-locking Trojan that holds your digital media hostage for a ransom. Its attacks use encryption to convert documents and similar content into files that no longer open, and the damage isn't necessarily repairable. Users should keep backups of their work in secure locations and use anti-malware products for uninstalling the Prandel Ransomware or blocking an installation exploit.

Another Hop for an Island-Hopping Trojan

Without much fanfare, the STOP Ransomware family of file-locking Trojans is staying at the forefront of the RaaS industry. It owes this leading position to its popularity among criminals and to ongoing maintenance by its authors. The Prandel Ransomware is one of the newest releases from the family, version 1.38, which makes it more recently updated than even relatives from the past month. Like the Zatrov Ransomware, the Cosakos Ransomware, the Mogranos Ransomware, or the Tocue Ransomware, it aims to block files for ransom.

The STOP Ransomware family, also known as Djvu Ransomware after one of its early variants, is best known for circulating in Southeast Asia. However, since threat actors can launch campaigns anywhere they prefer, the Prandel Ransomware has the potential to compromise users around the world. Attacks may use varied tactics for gaining system access, including spam e-mails (most typically against business targets), torrents, or compromised advertising networks. Once the Prandel Ransomware runs, it starts locking the user's files and holding them for ransom.

The Prandel Ransomware's payload includes a variety of features that support its extortion. It can add 'prandel' extensions to the names of the content that it blocks with encryption, secure the lock dynamically with a key from its Command & Control (C&C) server, delete backups, and create ransom warnings for the users. It may also download and install other threats, although dropping AZORult spyware is the only case of that feature that malware experts have seen.

Breaking the Lock on Your PC's Media

The Prandel Ransomware's attacks are most viable against users without prepared backups or defenses. The AV industry's detection rates for Ransomware-as-a-Service families average two out of every three vendors. Suitable security software may equally block the infection attempt at an earlier stage, such as the drive-by-download attack of an Exploit Kit that uses well-known vulnerabilities or unsafe domains. Avoiding illicit downloads and disabling risky features like macros and JavaScript remain relevant to all users around the world.

Users can, and should, keep at least one backup on another device. The Prandel Ransomware may erase the Shadow Volume Copies silently and securely, and most decryption attempts against this family of Trojans fail to recover any media. Although interrupting the Prandel Ransomware's payload by preventing a C&C network connection helps force it into a weaker encryption model, not every victim will identify the danger and respond in time.
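For restoring from that backup, a short triage script can show how far the damage spread and which backup predates it. The following is an added example, not code from this article or from any vendor tool: it assumes the 'prandel' extension is appended as the final suffix of each locked file, and that the earliest modification time among those files approximates when the encryption began. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
from collections import Counter
from datetime import datetime, timezone

MARKER = ".prandel"  # extension named above; assumed to be the final suffix


def triage(root):
    """Walk root and summarise files carrying the marker extension."""
    hits, per_dir, total = [], Counter(), 0
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            total += 1
            if not name.lower().endswith(MARKER):
                continue
            path = os.path.join(dirpath, name)
            try:
                mtime = os.stat(path).st_mtime
            except OSError:
                continue  # file vanished or unreadable; skip it
            hits.append((mtime, path, name[: -len(MARKER)]))
            per_dir[dirpath] += 1
    hits.sort()  # oldest modification first
    return {
        "scanned": total,
        "affected": len(hits),
        "first_seen": hits[0][0] if hits else None,
        "per_dir": per_dir,
        "original_names": [h[2] for h in hits],
    }


def build_sample(root):
    """Constructed sample tree: two renamed files, one untouched."""
    os.makedirs(os.path.join(root, "docs"))
    for rel, mtime in [("docs/report.docx.prandel", 1565000000),
                       ("photo.jpg.PRANDEL", 1565000600),
                       ("docs/notes.txt", 1564000000)]:
        path = os.path.join(root, *rel.split("/"))
        with open(path, "wb") as fh:
            fh.write(b"constructed sample")
        os.utime(path, (mtime, mtime))


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        summary = triage(tmp)
        stamp = datetime.fromtimestamp(summary["first_seen"], timezone.utc)
        print(f"{summary['affected']}/{summary['scanned']} files affected; "
              f"use a backup taken before {stamp:%Y-%m-%d %H:%M} UTC")
```

Run it against a read-only copy or mounted image of the affected disk so the timestamps it relies on are not altered.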

As previously stated, malware experts find most anti-malware products competent at uninstalling the Prandel Ransomware, and these products should likewise prevent installation exploits in a majority of scenarios.

The Prandel Ransomware offers yet another, redundant angle of attack against users who aren't protecting their files from well-known dangers. The price of a backup, no matter how you implement it, can't help but be more affordable than any Trojan's ransom.
