HOOP Ransomware is the Another Addition to the STOP/Djvu Ransomware Family
Since malware researchers initially identified it in 2018, the Djvu/STOP ransomware family has added hundreds of new variants under its umbrella, quickly becoming one of the world’s most prominent ransomware groups. New members of the ever-growing family are being detected regularly and Hoop Ransomware is one of them. It is referred to as Hoop after the extension it uses to append the infected files. The ransomware operates like its counterparts in the STOP/Djvu family and encrypts files before making a ransom demand.
Hoop Ransomware scans a victim’s PC to look for user-generated files. Hoop Ransomware seeks to target any file that might contain valuable information, including databases, spreadsheets, archives, pictures, and videos. All files that Hoop Ransomware encrypts are easy to recognize because the ransomware will append the files with the “.hoop” extension. For example, a file named “picture.jpeg” will be renamed to “picture.jpeg.hoop”
In addition, the ransomware operators also deliver a ransom note named “_readme.txt”, which contains information regarding the ransomware and the hackers’ ransom demands.
The Ransom Demand Associated with Hoop Ransomware
Hoop Ransomware’s operators promise a decryption key to unlock the affected files in exchange for $980. However, they do offer a 50% discount if victims establish communication within 72 hours after encryption. The ransom note also instructs users to contact the criminals via the emails helpmanager@mail.ch or restoremanager@airmail.cc. Like most ransomware operators, the hackers behind Hoop Ransomware offer to decrypt one file for free to display their ability to unlock all the affected files should the victim pay up.
We strongly advise viewers not to engage the hackers and employ a reputable malware remediation program to scan for and rid their system of the destructive Hoop Ransomware.
