Threat Database Ransomware Cammora Ransomware

Cammora Ransomware

By GoldSparrow in Ransomware

The Cammora Ransomware is an encryption ransomware Trojan that belongs to a family of ransomware Trojans which includes threats like the GarrantyDecrypt Ransomware. The Cammora Ransomware was first released in the final week of February in 2019. The Cammora Ransomware is typically delivered to the victims via corrupted spam emails, which contain attachments or embedded scripts that download and install the Cammora Ransomware onto the victim's computer. Once installed, the Cammora Ransomware carries out a typical encryption ransomware attack, making the victim's files unreachable and then demanding a ransom payment in exchange for their return.

How the Cammora Ransomware Attack will Affect Your Files

The Cammora Ransomware uses the RSA encryption to make the victim's files inaccessible. The Cammora Ransomware attack makes the encrypted files to be easy to recognize because the Cammora Ransomware adds the file extension '.cammora' to each file compromised by the attack. Threats like the Cammora Ransomware typically target the user-generated files in these attacks, while avoiding the system files. The files that threats like the Cammora Ransomware will target with their encryption to carry out these attacks include:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Cammora Ransomware demands a ransom payment of 1500 USD in Bitcoin. The Cammora Ransomware demands the ransom payment via a ransom note dropped on the infected computer's desktop in a text file named #RECOVERY_FILES#.txt, which contains the following message for the victim:

'All your files have been encrypted!
NOW you should send us email with your personal identifier.
This email be as confirmation you are ready to pay for decryption key.
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us.
After payment we will send you the decryption tool that will decrypt all your files.
Contact us using this email addresscammora19@pr0tonmaiI.com
And tell us your unique ID.'

Additional Aspects of the Cammora Ransomware Attack

The Cammora Ransomware and its variants may pose additional threats to the victims' computers apart from carrying out an encryption attack and may create a backdoor to the infected device or allow the criminals to have other unauthorized access to the victim's computer. This makes especially important that you take precautions against threats like the Cammora Ransomware. The best protection is to have file backups. Apart from file backups, malware researchers also advise having a recognized security program capable of intercepting and removing threats like the Cammora Ransomware before they compromise the victims' data and computers.

Trending

Most Viewed

Loading...