What is JerryRansom Ransomware?

JerryRansom ransomware, derived from the Chaos ransomware, poses a significant threat to computer systems. This malicious software encrypts files, alters desktop settings, and demands ransom from victims for file decryption.

Encryption and Ransom Note

Upon infiltration, JerryRansom encrypts files and appends random characters to their filenames, making them inaccessible. A ransom note named "Read_me.txt" is left behind, detailing the attack and demanding a ransom of $11.03 in Bitcoin for file decryption.

The JerryRansom ransom note reads as follows:

-----------------Ваша ОС атакована!-----------------
Здравствуйте, жертва. Ваши файлы были зашифрованы вымогателем JerryRansom
Чтобы расшифровать файлы, вам необходимо заплатить 11,03$ в биткоинах.
После оплаты, напишите мне на электронную почту:jerryjobransom@gmail.com
-----------------Your OS has been attacked!-----------------
Hello, victim. Your files were encrypted by the Jerry Ransom ransomware
To decrypt the files, you need to pay $11.03 in bitcoins.
BitCoin Wallet:17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV
After payment, write to me by e-mail:jerryjobransom@gmail.com
-----------------Что случилось с моим устройством?-----------------
Ваша операционная система была атакована вымогателям JerryRansom. Все ваши файлы зашифрованы. Инструкция по расшифровке есть выше.
-----------------What happened to my device?-----------------
Your operating system has been attacked by the JerryRansom ransomware. All your files are encrypted. The decryption instructions are above.
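
A defender's triage check for the note quoted above, as an added example that is not part of the original article: it walks a directory tree for files named Read_me.txt and confirms each one by the indicators in the note (family name, contact e-mail, Bitcoin wallet), so an unrelated Read_me.txt is not reported. The function names, the encodings tried and the 64 KB size limit are assumptions of this example.

```python
import os

# Indicators quoted in the ransom note on this page (compared case-insensitively).
NOTE_NAME = "read_me.txt"
INDICATORS = {
    "family_name": "JerryRansom",
    "contact_email": "jerryjobransom@gmail.com",
    "btc_wallet": "17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV",
}
MAX_NOTE_BYTES = 64 * 1024  # assumption: a note is small, so skip larger files


def decode_note(raw: bytes) -> str:
    """Decode note bytes; the note mixes Cyrillic and ASCII, so the encoding varies."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16", errors="replace")
    if b"\x00" in raw[:64]:  # UTF-16 written without a byte-order mark
        return raw.decode("utf-16-le", errors="replace")
    for enc in ("utf-8-sig", "cp1251"):
        try:
            return raw.decode(enc)
        except UnicodeDecodeError:
            continue
    return raw.decode("latin-1")  # never fails; ASCII indicators still match


def match_indicators(text: str) -> list[str]:
    lowered = text.lower()
    return sorted(k for k, v in INDICATORS.items() if v.lower() in lowered)


def find_notes(root: str) -> dict[str, list[str]]:
    """Map each Read_me.txt under root that carries an indicator to its matches."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if fname.lower() != NOTE_NAME:
                continue
            path = os.path.join(dirpath, fname)
            try:
                if os.path.getsize(path) > MAX_NOTE_BYTES:
                    continue
                with open(path, "rb") as fh:
                    matched = match_indicators(decode_note(fh.read()))
            except OSError:
                continue  # unreadable file: skip it and keep scanning
            if matched:
                hits[path] = matched
    return hits
```

The directories returned by `find_notes` show where the ransomware ran, which helps scope what has to be restored from backup.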

Communication with Attackers

Victims are instructed to contact the attacker via email to arrange payment and decryption. The note is presented in both English and Russian, indicating a wide target audience.

Paying the ransom is discouraged as there's no guarantee of file recovery. Instead, victims are advised to explore third-party decryption tools or restore files from backups.

Understanding Ransomware

Ransomware attacks typically involve file encryption, ransom demands in cryptocurrency, and threats of dire consequences for non-compliance. Other examples of ransomware include Wing, Ldhy, and Fastbackdata.

Infection Methods

Ransomware spreads through phishing emails, compromised websites, pirated software, or software vulnerabilities. Interacting with malicious links or attachments initiates the infection process.

Protecting Against Infections

Regularly updating software, practicing caution with email attachments, and avoiding suspicious websites are crucial preventive measures. Using official sources for downloads and refraining from pirated software minimize infection risks.

Removal and Recovery

If infected, promptly scan your system with anti-malware software to remove the ransomware. Maintaining backups and staying vigilant against future threats are essential for comprehensive protection.

February 7, 2024
