Combo ransomware: virus utilizes data encryption to modify files and extort money

Ransomware infects the system and demands payment for locked files

Dharma ransomware family is already known for being dangerous and having various versions. This Combo ransomware is active and still attacking PC users all over the world. This ransomware scans the system and encrypts files using sophisticated encryption methods. After this file locking virus adds .combo file extension to each file. This modification makes your data unreachable and useless. There is a slight possibility to got those files restored, but it is not recommended to contact the people behind this threat. Paying the ransom might not even help either. Hackers behind this ransomware are untrustful.

Combo ransomware displays a window with the details on this attack. It is a ransom note. This message contains instructions on the payment, contact email and more information, but there are no details about the ransom amount that is demanded for encrypted files. It is possible that the amount depends on the time you decide to wait until the payment. As most cybercriminals, developers of Combo ransomware asks for cryptocurrency payment, preferably Bitcoin. In most cases, it starts at 1 BTC.

Ransomware can gain remote access to your system

Ransomware is considered the most dangerous because of the whole file locking aspect among other cyber infections. Developers behind this Combo ransomware are dangerous hackers, and they can gain remote access on the infected device and freely work as they want to. This allows them to reach an operating system and launch or disable various processes.

It also can be dangerous because ransomware can install additional programs, executable files or change registry keys to make sure that malware is launched each time device is rebooted. This makes the virus persistent and malware elimination difficult. If the program installs or starts other processes, it might be impossible to get rid of it manually. This is why many researchers are recommending to rely on reputable malware-fighting software.

Files attached to spam emails are not that harmless

Email is widely used in various malicious campaigns. From phishing messages to spam email attachments and direct scams or spreading malicious programs like ransomware. You need to be more cautious while surfing through your emails because there might be a lot more threats than you can think of.

The features you may notice on insecure email:

  • Typos or grammar mistakes.
  • The sender is a well-known service, but the content of email doesn’t match their activity or name.
  • You are not allowed to answer.
  • Email has a document attached.
  • Email already is filled with ads or other commercial content.
  • There is a direct link in the email.

If you find some of these features in the email you were not waiting for, delete it immediately. Do not open emails like these. There might be a malicious script on the file attachments or direct links. Be sure to pay attention and clean your email box more frequently.