Last week, ransomware removal experts found a certain ransomware known as Jewsomware making rounds. Like other ransomware, it silently enters into a computer and rapidly applies encryption on the files stored in the hard disks.
Details of the Jewsomware Ransomware
After infecting computers, the ransomware adds an extension of ‘.jewsomware’. For instance, a file named ‘baseball.jpg” will be encrypted with the name of ‘baseball.jpg.jewsomware’. The encryption algorithm used in this case is Advanced Encryption Standard (AES).
This type of ransomware not only locks files but also manages to modify the default settings of the victims’ computers. Moreover, ransomware removal experts have provided a number of signs to locate its existence. These signs include the above extension of ‘.jewsomware’ on computer files as well as a sudden drop in the performance and speed of a computer. Other indications include the disappearance of any data from the storage.
After completing all its key activities, the ransomware notifies the users’ with an alert window that acknowledges its presence. An email address of a9gfa9gh@protonmail.com is provided for further communication with the cybercriminals. The ransom demand to remove the ransomware is usually $300 which has to be paid in Bitcoin.
In return for the ransom, a decryption key is provided that will help to disable the .jewsomware extension and assists users to access their files. The deadline given for the ransom lasts a week, as observed by ransomware removal experts. In the case of non-compliance attackers threaten with the increase in the ransom demand.
Ransomware removal professionals have highly deterred from paying any ransom. Instead, they encourage the users to remove the ransomware. However, using any recovery tool without the permanent deletion of the Jewsomware Ransomware is not advised. Hence, users need to take the necessary steps for ransomware removal before working on the recovery problem.
