ShutUpAndDance Ransomware

ShutUpAndDance Ransomware is yet another malicious infection whose creator is hiding behind the infamous name of FSOCIETY. One other example of that is the devious FSociety Ransomware. Although the creator of this malicious infection is not known, it was discovered that they used the Hidden Tear open source code to develop it. Our research team has encountered many infections that were created using this code, including PooleZoor Ransomware, PTP Ransomware, and Proticc Ransomware. Most of these infections are named after the extensions that are added to the files they encrypt, and the story is the same with the malware discussed in this report. If the infection is executed successfully, soon enough, the “.ShutUpAndDance” extension is appended to many personal files. Can you delete the extension? You can, but that does not make a difference. Unfortunately, you cannot salvage your files by removing ShutUpAndDance Ransomware. So, what are you supposed to do? It is most important to keep your system protected because once encrypted, files might be doomed.

Do you know what Remote Desktop Protocol (RDP) is? It allows connecting to another computer over a network connection remotely. Although RDP can be extremely helpful, many security issues are known to be associated with it. For example, RDP can be vulnerable to man-in-the-middle and even worm attacks. If RDP clients are vulnerable due to the lack of updates or security measures, they can be used to spread malware. Spam emails can be used to deliver ShutUpAndDance Ransomware as well. All in all, you certainly can secure your operating system against this malware, and you need a little caution too. If you let in the infection, it immediately starts the encryption process, during which, the ransomware can corrupt personal files on the Desktop and Downloads, Documents, Music, Pictures, and Videos folders. ShutUpAndDance Ransomware is set to encrypt files with .doc, .docx, .xls, .index, .pdf,.zip, .rar, .css, .lnk, .xlsx, .ppt, .pptx, .odt, .jpg, .bmp, .png, .csv, .sql, .mdb, .php, .asp, .aspx, .html, .xml, .psd, .bk, .mp3, .mp4, .wav, .wma, .avi, .divx, .mkv, .mpeg, .wmv, .mov, and .ogg extensions. What if personal files are not stored in the aforementioned locations? If that is so, you might evade encryption, in which case, the only thing to worry about is the removal of the ransomware.

ShutUpAndDance Ransomware creates a file called “READ_IT.txt” on the Desktop, and it has a very short message: “Your files are encrypted! Send us an email for instructions fsocietyhelp@yandex.com.” The creators of the infection do not bother providing you with any information because they want you to email them as quickly as possible. If you do that, they then instruct you to pay a ransom, and we do not recommend getting involved with that. Why? Because you are unlikely to gain anything by giving your money to cyber criminals. Instead of that, you want to be focusing on the removal of the infection. And what about your files? You cannot delete the infection before your files are restored, right? First of all, it is unlikely that you can restore your files, and if you cannot find a legitimate, free file decryptor, you have to accept the loss. Do copies of corrupted files exist in the form of backups (cloud or external)? If they do, you really have nothing to worry about.

You want to delete ShutUpAndDance Ransomware quickly because you do not want cyber criminals anywhere near your operating system or you. If you know when exactly you executed this infection, you should know where the .exe file that launched it is. If you do, go ahead and delete it. That is it. If you cannot remove ShutUpAndDance Ransomware manually, you want to install a tool that will do it automatically. We encourage you to install anti-malware software because it will erase the infection, clean the system from other threats if they exist, and then will also ensure comprehensive protection. Without a doubt, you need protection because this ransomware is not the only threat in the world, and there are many other kinds of threats that can invade your operating system in many different ways. You want to keep your system guarded against all of them, and an anti-malware program can take care of that the best.

ShutUpAndDance Ransomware Removal

1. Delete recently downloaded suspicious files.
2. Delete the ransom note file, READ_IT.txt.
3. Empty Recycle Bin.
4. Run a full system scan using a legitimate malware scanner.