JeepersCrypt is a ransomware Trojan that con artists use to force computer users to pay large amounts of money. It is currently unknown which encryption method (symmetric or asymmetric) JeepersCrypt uses.
JeepersCrypt is an independent ransomware project, not belonging to a larger family of ransomware (however, there are many similarities between the JeepersCrypt Ransomware and numerous other ransomware Trojans, since many of these threats have code and features in common).
Once infiltrated, JeepersCrypt encrypts various files and appends the ".jeepers" extension to the name of each affected file. JeepersCrypt will encrypt numerous file types, including the following:
.3gp, .7z, .apk, .avi, .bmp, .cdr, .cer, .chm, .conf, .css, .csv, .dat, .db, .dbf, .djvu, .dbx, .docm, ,doc, .epub, .docx, .fb2, .flv, .gif, .gz, .iso .ibooks,.jpeg, .jpg, .key, .mdb .md2, .mdf, .mht, .mobi .mhtm, .mkv, .mov, .mp3, .mp4, .mpg .mpeg, .pict, .pdf, .pps, .pkg, .png, .ppt .pptx, .ppsx, .psd, .rar, .rtf, .scr, .swf, .sav, .tiff, .tif, .tbl, .torrent, .txt, .vsd, .wmv, .xls, .xlsx, .xps, .xml, .ckp, .zip, .java, .py, .asm, .c, .cpp, .cs, .js, .php, .dacpac, .rbw, .rb, .mrg, .dcx, .db3, .sql, .sqlite3, .sqlite, .sqlitedb, .psd, .psp, .pdb, .dxf, .dwg, .drw, .casb, .ccp, .cal, .cmx, .cr2.
JeepersCrypt will deliver its ransom note in a program window titled 'the JeepersCrypt Ransomware.' This ransomware Trojan delivers its ransom note in Portuguese. The following is an English translation of JeepersCrypt's ransom message:
All your important files have been encrypted You have 24 hours to buy a private key to decrypt your files, the key is priced at 0.0200 BTC (bitcoin is worth 77 BRL) to buy the key contact us via email: firstname.lastname@example.org And send a message with the following title "I want to buy a key to decrypt my files" then I will pass the information on how to buy the key Time left [24 HOUR COUNTDOWN TIMER]