The STOP/Djvu Ransomware Family Grows Larger with CCPS Ransomware.
Since its discovery in 2018, the STOP/Djvu Ransomware family has released hundreds of new variants and has quickly become one of the world’s most prominent ransomware groups. Malware researchers uncovered CCPS Ransomware as yet another strain from the family. It is referred to as CCPS based on the ‘.CCPS’ extension it appends to the names of the files it encrypts. The ransomware operates like its counterparts from the STOP/Djvu group and encrypts files before making a ransom demand.
CCPS Ransomware will scan a victim’s computer to look for user-generated files. It then targets the files containing valuable information, including databases, spreadsheets, archives, pictures, and videos. Additionally, the hackers behind CCPS Ransomware deliver a ransom note that contains information about the ransomware and the hackers’ ransom demands.
The Ransom Demand Associated with CCPS Ransomware
CCPS Ransomware’s operators promise a decryption key to unlock the affected files in exchange for $980. However, they offer a 50% discount if victims establish communication within 72 hours after encryption. The ransom note also instructs users to contact the criminals via helpmanager@mail.ch or restoremanager@airmail.cc. CCPS Ransomware’s operators also offer to decrypt one file for free to show they can unlock all the affected files.
How Do I Deal With a CCPS Ransomware Attack?
Although cooperating with hackers seems like an easy way out of the situation, we strongly advise victims not to engage with them. It is better to employ a reputable malware remediation program to scan for and remove CCPS Ransomware. To prevent data loss in the case of another ransomware attack, please consider backing up your data on an external hard drive or in cloud storage.
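To work out which files need to be restored from a backup, the appended ‘.CCPS’ extension described above can be used to inventory the affected files. The following Python script is an added example, not part of the original article or of any vendor tool; its function names are hypothetical, and it assumes each encrypted file keeps its original name with the extension appended.

```python
import os
import sys
from collections import Counter
from pathlib import Path
from typing import Optional

# Extension named in the article; compared case-insensitively.
MARKER = ".ccps"


def original_name(path: Path) -> Optional[str]:
    """Return the pre-encryption file name if `path` carries the marker, else None.

    Assumption: the marker is appended to the original name
    (e.g. budget.xlsx.CCPS -> budget.xlsx).
    """
    if path.suffix.lower() != MARKER:
        return None
    return path.name[: -len(path.suffix)]


def inventory(root: str) -> dict:
    """Walk `root` read-only and summarise renamed files by original type and folder."""
    affected = []
    by_type = Counter()
    by_dir = Counter()
    # followlinks=False keeps the walk inside the tree being assessed.
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        for name in files:
            path = Path(dirpath) / name
            orig = original_name(path)
            if orig is None:
                continue
            affected.append(str(path))
            # The original extension shows which kinds of data must be restored.
            by_type[Path(orig).suffix.lower() or "(none)"] += 1
            by_dir[dirpath] += 1
    return {"affected": sorted(affected),
            "by_type": dict(by_type),
            "by_dir": dict(by_dir)}


if __name__ == "__main__":
    report = inventory(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(f"{len(report['affected'])} file(s) carry the {MARKER} extension")
    for ext, count in sorted(report["by_type"].items(), key=lambda kv: -kv[1]):
        print(f"  {ext:10} {count}")
    for folder, count in sorted(report["by_dir"].items(), key=lambda kv: -kv[1]):
        print(f"  {count:6} in {folder}")
```

The script only reads directory listings; it does not open, rename, or delete any file, so it can be run on a mounted copy of the disk before cleanup.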