What is REPP Ransomware?

What is REPP Ransomware?

REPP is a file-encrypting ransomware infection that restricts access to data (documents, images, videos) by encrypting files with the “.repp” extension. It then attempts to extort money from victims by asking for “ransom”, in the form of Bitcoin cryptocurrency, in exchange for access to data. This ransomware targets all versions of Windows including Windows 7, Windows 8 and Windows 10. This executable will be launched and begin to scan all the drive letters on your computer for data files to encrypt.

How to REPP spread?

Computer users frequently are not keen on paying for legal software licenses and tend to search for their cracks or keygens online. Ransomware developers know that and therefore the main DJVU ransomware distribution vector is illegal software activation tools (such as KMSPico).

Malicious email spam isn’t known to be used by this ransomware, but you should be aware of this technique anyway. Failure to identify such emails can result in unexpected installation of various malware.

How REPP Ransomware work?

When this ransomware infects your computer it will scan all the drive letters for targeted file types, encrypt them, and then append the “.repp” extension to them. Once these files are encrypted, they will no longer able to be opened by your normal programs. When this ransomware has finished encrypting the victim’s files, it will also display a ransom note that includes instructions on how to contact these cybercriminals (helpmanager@firemail.cc or helpmanager@iran.ir).

This is the message that the REPP ransomware (_readme.txt) will display: