DeroHE Ransomware is a promotional malware that markets the DERO Coins. It encrypts user data and give three options to users to get their files back.
- Pay a ransom of least 200 DERO to get the decryption key and software. Attacker promise to give 5 times in return when DERO Coint worth $100/Coin
- Victims ask iobit.com to send them 100000 (1 hundred thousand) DERO coin to this address.
dERopYDgpD235oSUfRSTCXL53TRakECSGQVQ2hhUjuCEjC6zSNFZsRqavVVSdyEzaViULtCRPxzRwRCKZ2j2ugCg26hRtLziwu
- Market DeroHE coins on your social media accounts
It appends "DERO IS THE NEXT BIT COIN" at the end of each file, promoting the DERO cryptocurrencies.
.DeroHE extension is added to file name.
DeroHE Ransomware Signatures
Family: Trojan:Win32/Ymacco.AAB5
MD5: 0845197d8244d6a5b670c79f28680245
SHA256: b53f222ffcc99939a1141a06e2240525c7154fcf2f39f8c5ca19a079e08a41fd
DeroHE Ransomware Download