The DBGer Ransomware is a severe PC threat capable of doing irreversible damage to the files stored on your PC. Once it has taken hold of a system, the DBGer Ransomware deploys a strong encryption mechanism to render your data inaccessible unless you pay a total of 1.00 BTC (approx. $7,000) for a supposedly working decryption key. Victims usually know nothing of the infection until the ransom note loads on their screen in the form of a text document titled “_How_to_decrypt_files.txt”. The note sets out the terms and conditions of the attack in English, Korean and Chinese. Here is the English portion of the note:
‘Some files have been encrypted
Please send (1) bitcoins to my wallet address
If you paid, send the machine code to my email
I will give you key
If there is no payment within three days,
we will no longer support decryption
If you exceed the payment time, your data will be open to the public download
We support decrypting the test file.
send three small than 3 MB files to the email address
BTC wallet [random characters]
Your HardwareID: [random characters]’
The presence of Korean and Chinese text in the ransom note suggests that the hackers behind the attack may be aiming for PC users living in those countries. However, the poor punctuation found in the English section prompts speculation that the hackers themselves may be Korean or Chinese. After closely inspecting the core of the DBGer Ransomware, security researchers have concluded that it bears a striking similarity to the recently discovered Satan Ransomware.
The DBGer Ransomware seems to apply a uniform pattern when renaming every file it encrypts: it adds the ‘[[email protected]]’ prefix in front of the file name and the .dbger suffix after the real extension. At present, the DBGer Ransomware is spreading via a corrupted payload dropper that may be hiding behind software programs available on the Web free of charge. However, this infection method is unlikely to last much longer, since the DBGer payload is already detected by the most popular AV solutions. As with other threats of this magnitude, prevention and regular data backups should always be the first line of defense.
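The renaming pattern and ransom note name described above can be used to triage a file share and build a list of files to restore from backup. The following is an added example, not part of the original article: because the address inside the brackets is redacted on this page, the pattern accepts any bracketed prefix (an assumption), and the sample file names are constructed.

```python
import os
import re
import tempfile

NOTE_NAME = "_how_to_decrypt_files.txt"  # ransom note title from the page, lowercased
SUFFIX = ".dbger"                        # extension from the page
# The address inside the brackets is redacted on the page, so any bracketed
# prefix is accepted (assumption).
RENAMED = re.compile(r"^\[[^\]]+\](?P<orig>.+)\.dbger$", re.IGNORECASE)

def classify(filename):
    """Return (kind, original_name) for a single file name."""
    if filename.lower() == NOTE_NAME:
        return "note", None
    match = RENAMED.match(filename)
    if match:
        return "encrypted", match.group("orig")
    if filename.lower().endswith(SUFFIX):
        # Suffix without the bracketed prefix: flag it, but with lower confidence.
        return "suffix_only", filename[: -len(SUFFIX)]
    return "clean", None

def scan(root):
    """Walk root; return (dirs holding a note, original paths to restore, weak hits)."""
    note_dirs, restore, weak = [], [], []
    for dirpath, _dirs, files in os.walk(root):
        rel = os.path.relpath(dirpath, root)
        for name in files:
            kind, orig = classify(name)
            if kind == "note":
                note_dirs.append(rel)
            elif kind == "encrypted":
                restore.append(os.path.normpath(os.path.join(rel, orig)))
            elif kind == "suffix_only":
                weak.append(os.path.normpath(os.path.join(rel, name)))
    return sorted(note_dirs), sorted(restore), sorted(weak)

def build_sample_tree(root):
    """Constructed sample data: empty files named the way the page describes."""
    names = ["_How_to_decrypt_files.txt", "[addr@example.invalid]report.docx.dbger",
             "docs/[addr@example.invalid]budget.xlsx.dbger", "docs/notes.txt",
             "docs/archive.dbger"]
    for name in names:
        path = os.path.join(root, *name.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(scan(tmp))
```

The second list returned by `scan` holds the original relative paths, which can be fed directly to a backup restore job.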