Double-crossing ransomware decryptor scrambles your files again!

Paul Ducklin reports:

Here’s one for the books: ransomware that’s disguised as a free anti-ransomware decryption tool.

The sample we looked at claims to be a decryptor for the DJVU ransomware, which gets its name from the .djvu extension it appends to files that it’s just scrambled.

Read more on NakedSecurity.

Attorney General James Announces Settlement with Wojeski & Company Accounting Firm
A business's cyber insurance policy included ransom coverage, but when they needed it, the insurer refused to pay. Why?
The Alliance That Wasn’t: A Critical Analysis of ReliaQuest’s Q3 2025 Ransomware Report
Heritage Provider Network $49.99M Class Action Settlement
Qilin Ransomware and the Ghost Bulletproof Hosting Conglomerate
Watsonville Community Hospital had a data breach -- or two. It would be helpful to know which.

Related: