The STOP/Djvu Ransomware Family Continues to Grow with EIUR Ransomware
The STOP/Djvu Ransomware family continues to make headlines as it maintains its status as one of the most prolific global ransomware families. The STOP/Djvu Ransomware group frequently releases new variants, and EIUR Ransomware is one of the many that have emerged to join the family.
EIUR Ransomware received its name from the ‘.EIUR’ suffix that it adds to the encrypted files. This ransomware strain works just like the other STOP/Djvu Ransomware family members. The same applies to the program’s distribution as EIUR Ransomware spreads mostly via spam emails, social engineering, and compromised websites.
The EIUR Ransomware Infection
Users will unwittingly download EIUR Ransomware, and suddenly, they will find their files encrypted and inaccessible. Victims will also find a ransom note on their desktop in the form of the ‘.readme.txt’ document. In the ransom note, the cybercriminals request $980 for file decryption, but they are willing to lower the price to $490 in return for payment within 72 hours.
The hackers also provide victims with contact information via: manager@mailtemp.ch and managerhelper@airmail.cc. Victims are asked to send one file to be decrypted for free as proof that the ransomware operators can unlock the files after receiving payment. We strongly recommend that victims do not communicate with the hackers and refrain from paying any ransom, as paying does not guarantee that victims will receive a decryption tool.
Surviving an EIUR Ransomware Attack
In general, we strongly recommend users keep backups of their valuable files to mitigate the damage caused by ransomware infections. But if you find yourself infected by EIUR Ransomware, we suggest using a reputable anti-malware tool to scan for and remove any elements related to this nasty infection.