• Cyber Security
    • Ransomware Prevention
    • Ransomware Removal
    • Ransomware File Recovery
    • Ransomware Types
  • News
  • Tutorials
  • Ransomware TV

Desu Ransomware

August 1, 2018Simeon Georgiev

Ransomware removal experts found yet another cyber risk in the security circle that is classified as a ransomware. The ransomware known as Desu Ransomware has been noted for modifications in the contents of registry entries in systems that run on Windows.

After entering into a computer system stealthily, the ransomware proceeds to apply encryption on the data that is saved on the storage devices of victims’ PCs. An extension of ‘.desu’ is added to the files that are encrypted. Subsequently, the affected files with this extension are unable to be accessed, opened or modified by the users. Ransomware removal experts found the algorithm used for encryption to be RSA.

Ransomware removal experts have also noticed that with each attack, the ransomware campaign applies different strategies and is smart enough to be distinct. This means that even the encryption algorithms vary depending upon a victim. The decryption software that can decrypt these encryption algorithms is located in a remote server of the cybercriminals. Thus, if authorities are able to find their physical hideouts, victims’ files can be decrypted easily.

The Ransom Note

A ransom note is provided by the cybercriminals after the encryption process. The message starts with the title ‘Desu Ransomware’ and proceeds to acknowledge the encryption of victim’s files. Moreover, it is stated that the files can only be unlocked through the use of a decryption key.

Cybercriminals then dissuade users from using any anti-ransomware or recovery tools and warn the loss of data as a consequence.  Additionally, communication with a security company is discouraged as hackers state that such companies cannot do anything for ransomware removal. An email address of j0ra@protonmail[.]com is provided for future communication.

Lastly, Ransom demand is asked in the form of Bitcoin equaling 200 dollars with a cryptocurrency wallet address for transfer of funds.

 

Simeon Georgiev
https://www.linkedin.com/in/simeon--georgiev/
I am a Cyber Security Enthusiast from Bulgaria. I like to write about malware and ransomware and global cyber attacks. You can reach me on Twitter @sgeorgiev1995 or Email: simeon10georgiev@gmail.com
Previous post Riverside Police Department Reeling from the Effects of a Ransomware Attack Next post Jewsomware Ransomware

Related Articles

NonPetya Ransomware Caused Millions of Dollars Worth of Damage to Maersk

January 27, 2018Simeon Georgiev
NonPetya Ransomware Caused Millions of Dollars Worth of Damage to Maersk

NonPetya Ransomware Caused Millions of Dollars Worth of Damage to Maersk

February 1, 2018Simeon Georgiev
NonPetya Ransomware Caused Millions of Dollars Worth of Damage to Maersk

BitPaymer Ransomware Traced Back to Dridex Developers

February 1, 2018Simeon Georgiev
BitPaymer Ransomware Traced Back to Dridex Developers

Latest on Ransomware TV

https://vimeo.com/399908876?loop=0

Recent Posts

  • Ways to Catch Cybercriminals
  • What Expertise is Required to Deal with Ransomware Removal?
  • Tips to Prevent Ransomware Attacks on Your Device
  • Ways to Store Your Data Securely
  • Software Available to Save Yourself from a Ransomware Attack

Stay Protected

Subscribe to our mailing list to get the latest cyber security and ransomware removal articles!

Thank you for subscribing.

Something went wrong.

Navigation

  • Cyber Security
    • Ransomware File Recovery
    • Ransomware Prevention
    • Ransomware Removal
    • Ransomware Types
  • News
  • Tutorials

Ransomware Attacks (Last 6M)

0

Connect & Protect

Facebook
Google+
LinkedIn
YouTube
Vimeo

More

  • BECOME A CONTRIBUTOR

MonsterCloud Reviews

© 2020 MonsterCloud.com. All Rights Reserved.