<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=694598870919452&amp;ev=PageView&amp;noscript=1">

ransomware-2321110_1920Photo credit: Pixabay

DJVU and Tro STOP ransomware varients have been seen a lot over the past month, the new Rumba variant is similar but it adjoins its .rumba extension to a file once it’s encrypted. It is currently being dished out through adware bundles and software cracks.

Software cracks used by websites typically enable adware bundles to help gain revenue. One of the bundles has begun utilizing STOP ransomware. After the ransomware is set up, .rumba begins to encrypt  files. The folders that end up with the encrypted files are left with a ransom note titled “openme.txt” which will guide a user on how to get ahold of the attacker in an effort to pay the ransom.

Software cracks that are known to be installing this ransomware are KMSPico, Cubase, Photoshop, antivirus software, and cracks for various of software. A decryptor has been released that gives users the ability to recover their files without paying an attacker.

To receive daily threat intelligence updates and analysts notes, sign up for Threat Watch by Binary Defense

Recent Posts

Posts by Topic

see all

Subscribe to Blog Updates