WDLO Ransomware Joins the Ever-Growing STOP/Djvu Ransomware Family
The STOP/Djvu Ransomware group continues to terrorize victims with another addition to the family: WDLO Ransomware. Like the other variants associated with the popular and widely used STOP/Djvu code, WDLO Ransomware renders its victims’ files inaccessible, including photos, music, documents, and video data.
Like other infections from the ransomware family, WDLO Ransomware spreads via phishing campaigns, bundled software, and malicious websites. Once the ransomware has penetrated the system, the victim’s files are encrypted using the AES-256 encryption algorithm. The ransomware will then append the .WDLO extension to the encrypted files, which is the basis for its name.
Affected users will also find a ransom note on their desktop that demands as much as $980 to restore the files. According to the note, the ransom demand can be cut in half to $490 if communication via one of the two provided emails, either ‘helpteam@mail.ch’ or ‘helpmanager@airmail.cc,’ is established within 72 hours after infection.
Should the victim establish contact, WDLO Ransomware’s operators will offer to decrypt one file for free to prove their ability to unlock all affected files. We, however, certainly do not recommend ever playing ball with hackers, whether by actually paying the ransom or even by trying to contact them.
How Do I Deal with a WDLO Ransomware Attack?
We strongly suggest that victims of WDLO Ransomware scan for and remove elements of this dangerous ransomware infection by using a reputable malware remediation tool. You can also protect yourself from future attacks by keeping copies of your critical files either in the cloud or on secure external drives.
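To scope the damage before cleaning up and restoring from backup, the following added example (not part of the original article) walks a directory tree, lists files carrying the .WDLO extension, flags small files that contain either contact address from the ransom note, and reports the earliest modification time among the encrypted files as an estimate of when encryption began. The function name `triage` and the 64 KB note-size limit are assumptions made for this example.

```python
import os
import sys
from datetime import datetime, timezone

# Indicators taken from the article: appended extension and the two contact addresses.
EXTENSION = ".wdlo"
CONTACTS = (b"helpteam@mail.ch", b"helpmanager@airmail.cc")
NOTE_MAX_BYTES = 64 * 1024  # assumption: a ransom note is a small text file


def triage(root):
    """Walk root; return (encrypted_paths, note_paths, earliest_mtime_or_None)."""
    encrypted, notes, earliest = [], [], None
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)
            except OSError:
                continue  # unreadable or vanished file: skip it, keep scanning
            if name.lower().endswith(EXTENSION):
                encrypted.append(path)
                if earliest is None or st.st_mtime < earliest:
                    earliest = st.st_mtime
            elif st.st_size <= NOTE_MAX_BYTES:
                try:
                    with open(path, "rb") as fh:
                        data = fh.read().lower()
                except OSError:
                    continue
                if any(contact in data for contact in CONTACTS):
                    notes.append(path)
    return sorted(encrypted), sorted(notes), earliest


if __name__ == "__main__":
    enc, found_notes, first = triage(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(f"{len(enc)} file(s) with the {EXTENSION} extension")
    for note in found_notes:
        print("possible ransom note:", note)
    if first is not None:
        stamp = datetime.fromtimestamp(first, timezone.utc).isoformat()
        print("earliest encrypted-file mtime (UTC):", stamp)
```

Run it read-only against a mounted copy or image of the affected disk where possible, and pick a backup dated before the reported timestamp.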