STOP Djvu Ransomware
The STOP Ransomware, also know as the Djvu Ransomware is a threatening cryptovirus. Although the latter first hit the headlines in February 2018, its creators have since developed multiple variants, keeping the flow of infections growing. If the growing number of file extensions appended by Djvu is anything to go by, that new STOP variant makes no exception. Djvu has only caught the attention of the security community recently. Yet, it has already managed to infect machines worldwide, each time appending a different file extension to the encrypted data. So far, security researchers have spotted numerous extensions associated with the Djvu ransomware, namely:
- .adobe, .adobee, .pdff.
- .djvu, .djvus, .djvuu, djvuq, udjvu, .uudjvu (older variants).
- .blower, .pomorad, .promock, .tfude, .tfudeq, .tfudet, .tro. (recent variants).
- .chech, .luces, .luceq, .kropun, .kroput1, .charck, .pulsar 1 (newest).
Unlike other ransomware types, which typically attack PC users via spam emails, recent Djvu infections have occurred following a download of a keygen/crack reportedly. Once the infection has completed, Djvu draws up a ransom note titled ‘_openme.txt’. Here’s the text of the note:
’———————— ALL YOUR FILES ARE ENCRYPTED ————————
Don't worry, you can return all your files!
All your files documents, photos, databases and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees do we give to you?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information
Don't try to use third-party decrypt tools because it will destroy your files.
Discount 50% available if you contact us first 72 hours.
——————————————————————————————————-
To get this software you need write on our e-mail:
helpshadow@india.com
Reserve e-mail address to contact us:
helpshadow@firemail.cc
Your personal ID:’
The actors behind Djvu offer a 50% discount if contacted within 72 hours. However, the exact amount of compensation is not mentioned in the note. While older Djvu variants can be neutralized as security researchers have developed free decryptors, there are no working solutions for the most recent variants currently.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.