Ducky Ransomware encrypts user data and asks them to contact the attacked on Telegram handle duckydecrypt or contact them at firstname.lastname@example.org in 48 hours for a ransom amount. Attacker threats the victims if they fail to contact them in due time ransom will be double. ducky
extension is added to all encrypted files, hence the name.
Ducky Ransomware Signatures
Ducky Ransomware Download