Bmd Ransomware

Bmd Ransomware Description

The Bmd Ransomware is a potent crypto locker threat that targets the most popular file types, encrypts them, and attempts to extort money from its victims in exchange for their restoration. The Bmd Ransomware is not a wholly unique threat, though, as its code shows that it can be classified as a part of the Dharma Ransomware family of threats. The only aspects of the threat that set it apart from the rest of the malware family are the specific extension it uses and the email the hackers' address.

When Bmd Ransomware encrypts a file, it uses a lengthy pattern to change its name. It appends a unique string that represents the ID of the victim, followed by the 'backmydata@protonmail.com' email address, and finally '.bdm' as a new extension. Instructions for the victims are left in a text file named 'FILES ENCRYPTED.txt' that is dropped in every folder containing locked data, as well as a pop-up window generated on the device's screen.

No specific sum is mentioned for the decryption, but the hackers do leave another email address at 'backmydata@airmail.cc' that should be used if the victims receive no response on the primary email within 12 hours.

If you have been affected by Bmd Ransomware, it is recommended to clean the compromised computer by using a legitimate anti-malware software and only after attempting to restore the encrypted files from an appropriate backup.

The text contained in the 'FILES ENCRYPTED.txt' file is:

'all your data has been locked us

You want to return?

write email backmydata@protonmail.com or backmydata@airmail.cc.'

The text of the pop-up window is:

'YOUR FILES ARE ENCRYPTED

Don't worry,you can return all your files!

If you want to restore them, follow this link: email backmydata@protonmail.com YOUR ID -

If you have not been answered via the link within 12 hours, write to us by email:backmydata@airmail.cc

Attention!

Do not rename encrypted files.

Do not try to decrypt your data using third party software, it may cause permanent data loss.

Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a tactic.'

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.