Promos Ransomware

Posted: February 28, 2019

Promos Ransomware Description

The Promos Ransomware is a variant of the STOP Ransomware or the Djvu Ransomware, a file-locking Trojan that encrypts content like documents or pictures for blocking them, changes their extensions, and creates ransoming messages in text files. The users should, if possible, keep backups for protecting media from these attacks, which, in this case, are irreversible without the threat actor's decryption help. Anti-malware protection also can be valuable for deleting the Promos Ransomware before it starts attacking or disinfecting an already-compromised PC.

The STOP Ransomware isn't Stopping Today

The STOP Ransomware isn't a very fast-moving family in comparison to the Scarab Ransomware or other threats with more devoted developers and criminal clientele. While its development is nearly stagnant, new versions of the STOP Ransomware offer similarly-unbreakable attacks for encrypting and locking the files that are most valuable to their victims. A new version is using infection methods compromising PC users in the rarely-targeted Bangladesh, although it's unlikely that the upstart, the Promos Ransomware, limits itself to that specific country.

The Promos Ransomware's encryption impacts most commonly-used formats of digital media, such as Word and PDF documents, Notepad text files, JPG or GIF pictures, archives, databases and video. The Promos Ransomware does add an identifying 'promos' extension to their names, which the users can search for as a means of determining what content the Trojan is locking. Its other symptom merely is creating a Notepad readme file with its ransoming instructions.

Malware experts continue to rate the cipher in use here as being non-decryptable without the custom information that only the threat actors can offer. If the threat actors are providing free samples, as with the old versions of STOP Ransomware's family willingly, the users can take advantage of that option without any fear, although paying the ransom isn't a safe choice under any circumstances. Typical ransoming values from file-locker Trojans' campaigns are between several hundred and a thousand dollars and come with no promises of getting any future decryption help.

A Stopping Point that All File-Locker Trojans Have to Respect

The users should have backups for the most efficient recovery possible for any files, but, also, may use advanced data-repair options, such as ShadowExplorer, as a last resort. Backups should have a robust layer of security between them and any Internet-connected devices through which threats like the Promos Ransomware could attack, such as unique login credentials and requiring admin privileges. Protecting PCs from the Promos Ransomware includes scanning all files with proper security software, disabling possibly-unsafe features like Java, Word macros or RDP, and avoiding file-sharing sources with high infection rates, such as torrents and strange e-mail attachments.

The Promos Ransomware, along with every other member of the STOP Ransomware's family, is a Windows-based program and can run in most versions of the OS. Malware experts discourage assuming that its attacks will cause any visually-evident side effects while the locking procedure is ongoing; in most cases, file-locking Trojans confine all of their encryption features to process-injected or otherwise-hidden routines. However, a reputable anti-malware program should be removing the Promos Ransomware on sight as soon as the Trojan infiltrates the system.

It will be an unusual development if Bangladesh remains the only nation that the Promos Ransomware attacks statistically. Ordinarily, file-locking Trojans circulate throughout the world, and users everywhere should prepare their safety measures with that fact kept in mind.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Promos Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Related Posts

Home Malware Programs Ransomware Promos Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.