The ransomware assembly line known as the STOP/Djvu Ransomware family strikes again with another variant, SDJM Ransomware. Like other strains under the STOP/Djvu umbrella, it takes its name from the ‘.SDJM’ extension it appends to infected files.
SDJM Ransomware operates identically to its counterparts in the STOP/Djvu family and encrypts files before making a ransom demand. The encrypted files may include databases, spreadsheets, archives, pictures, and videos. After file encryption, the ransomware operators also deliver a ransom note named “_readme.txt,” which contains information on the infection and the hackers’ ransom demands.
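The two indicators described above (the appended ‘.SDJM’ extension and the “_readme.txt” note) are enough for a read-only triage of a file tree. The script below is an added example, not code from the original article; the function names and the sample directory layout are constructed for illustration, and a “_readme.txt” on its own is deliberately not counted because the name is too generic.

```python
import os
import tempfile

ENCRYPTED_EXT = ".sdjm"      # extension named on this page, compared case-insensitively
RANSOM_NOTE = "_readme.txt"  # ransom note name given on this page


def triage(root):
    """Walk root and return {directory: {"encrypted": [names], "note": bool}}
    for every directory holding at least one file with the .SDJM extension."""
    hits = {}
    for dirpath, _dirnames, filenames in os.walk(root, onerror=lambda e: None):
        encrypted = sorted(f for f in filenames if f.lower().endswith(ENCRYPTED_EXT))
        if not encrypted:
            # A lone _readme.txt is not treated as an indicator here.
            continue
        note = any(f.lower() == RANSOM_NOTE for f in filenames)
        hits[dirpath] = {"encrypted": encrypted, "note": note}
    return hits


def original_name(encrypted_name):
    """Name before the extension was appended (report.xlsx.sdjm -> report.xlsx)."""
    return encrypted_name[: -len(ENCRYPTED_EXT)]


def build_sample_tree(root):
    """Constructed sample data: empty files that only mimic the naming pattern."""
    layout = {
        "docs": ["report.xlsx.sdjm", "photo.jpg.SDJM", "_readme.txt"],
        "clean": ["notes.txt", "_readme.txt"],
        "partial": ["db.sqlite.sdjm"],
    }
    for sub, names in layout.items():
        os.makedirs(os.path.join(root, sub))
        for name in names:
            open(os.path.join(root, sub, name), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for directory, info in sorted(triage(tmp).items()):
            print(directory, len(info["encrypted"]), "encrypted, note:", info["note"])
            for name in info["encrypted"]:
                print("   ", name, "->", original_name(name))
```

The per-directory inventory shows which folders need restoring from backup; the script only reads directory listings and changes nothing on disk.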
The Ransom Demand Associated with SDJM Ransomware
SDJM Ransomware’s operators promise a decryption key to unlock files in exchange for $980. However, they offer a 50% discount if victims establish communication within 72 hours after encryption. The ransom note provides two emails to contact the hackers: helpmanager@mail.ch and restoremanager@airmail.cc. Like most ransomware operators, the hackers behind SDJM Ransomware offer to decrypt one file for free to show that they can unlock all the affected files if the victim decides to pay.
How to Survive an SDJM Ransomware Attack
Although cooperation with the hackers may seem like the easiest path towards file restoration, we strongly suggest that ransomware victims never contact the hackers. Instead, victims should employ a reputable malware remediation program to scan for the destructive SDJM Ransomware and rid their system of it.