G DATA, a German security software company, has released vaccine software that blocks the “STOP Ransomware” ransomware from encrypting victims’ files after infection.
This tool does not prevent the infection itself; STOP ransomware may still place a ransom note or change your system settings
But STOP If you have a ransomware vaccine program installed, it will not let you encrypt your files anymore. A string saying that the file was protected by the vaccine will be included in the ransom note.
STOP Ransomware vaccine can be downloaded as a pre-compiled .EXE or Python script from here.
This vaccine program may cause security software to believe that a system is infected because it tricks the ransomware into thinking that the device has already been compromised by adding files that malware normally deploys on infected systems.
A compound tool was also released by Emsisoft and Michael Gillespie for victims of STOP Ransomware in October 2019 to decrypt files encrypted with 148 variants for free, but it no longer works with newer variants. Therefore, if you want protection against this strain of ransomware, G DATA’s vaccine program is your best bet.
However, this vaccine may not work against future versions of this ransomware, as the attackers will bypass it after the vaccine is released.
So, even after applying the vaccine, you need to ensure that you also back up your important files
STOP ransomware consistently makes up the largest percentage of ID ransomware posts and support requests received on the forums.
During this period of ransomware activity, thousands of ID ransomware are sent per day, of which 60-70% are from STOP ransomware.
STOP Ransomware mainly targets home users via shady websites and adware bundles pushing malicious software cracks and adware bundles disguised as free programs.
The latter usually installs various unwanted software on the user’s computer, and one of the programs installed is often a malware like STOP Ransomware.
Reports that it has been used to distribute STOP ransomware include KMSPico, Cubase, Photoshop, and antivirus software.
STOP Ransomware, besides using this method of deployment, is also a very common ransomware that encrypts files, appends an extension, and drops a note demanding a ransom of $500 to $1000.
Comments