The STOP/Djvu Ransomware Family Continues to Grow, adding RRBB Ransomware
The STOP/Djvu Ransomware group continues to grow with another addition to the family – RRBB Ransomware. Like the other variants associated with the widely used STOP/Djvu code, RRBB Ransomware renders its victims’ files inaccessible, including photos, music, documents, and video data.
Upon file encryption, the infection appends the .RRBB file extension to encrypted files and leaves a ransom note named !README!.txt on the user’s desktop and in every folder containing encrypted files.
Unfortunately, RRBB Ransomware victims do not have access to a free decryption tool at the moment. The only reliable way to recover affected files is to restore them from a backup. Also, they could try using alternative data recovery options. Yet, bear in mind that alternative data recovery methods may still not unlock the encrypted files.
Although the criminals behind RRBB Ransomware promise to provide a decryptor for payment, it’s possible that you may pay and never receive the decryption key.
RRBB Ransomware spreads similarly to many other ransomware variants. It generally comes via malicious spam emails or unreliable third-party websites. Once it accesses the targeted system, the ransomware utilizes the AES cipher algorithm to encrypt important files and then demands a ransom for the decryption key. The cost of decryption is $980, but the cybercriminals will offer a 50% discount if contact is established within the first 72 hours after infection.
How to Protect Yourself from the RRBB Ransomware Infection
To protect yourself from the RRBB Ransomware attack, you should have a reputable malware remediation tool installed on your computer. That way, you can constantly scan for elements associated with this troublesome ransomware infection and other malware. Also, to reduce the potential damage of a future ransomware infection, please consider backing up your files on an external hard drive or cloud storage.