STOP Ransomware and its Variants on the Rise

Another variant of the previously reported Djvu/STOP ransomware was spotted using a .rumbaextension on encrypted files. The malware has been heavily distributed as of late across various websites, bundled in cracked software downloads such as Photoshop, Cubase, KMSPico, anti-virus software, and more. Security Researcher Michael Gillespie created a decryptor that supports several IDs distributed by the ransomware. The NJCCIC recommends users download software only from trusted sources, since distributors can discretely bundle malware and adware into downloads. For mitigation techniques against ransomware, download our two-page guide here, and for more information on the variant, review Bleeping Computer’s post. If you are targeted by ransomware, please report the incident to your local police department and to the NJCCIC via the Cyber Incident Report Form on our website.

AlertNJCCICRansomware, malware