'.combo File Extension' Ransomware

PC security researchers reported on July 23, 2018, that a new variant of the Dharma family of encryption ransomware Trojans was spotted. The '.combo File Extension' Ransomware is a version of this threat that is nearly identical to the many other variants of Dharma released in the last year. The '.combo File Extension' Ransomware, like many of its predecessors, is distributed mainly through file attachments contained in spam email messages. When the victim opens the file attachment, which often takes the form of a Microsoft Word file with damaged embedded macros, the '.combo File Extension' Ransomware will be installed on the targeted PC.

How the '.combo File Extension' Ransomware Carries Out Its Attack

The '.combo File Extension' Ransomware infection is quite simple: the '.combo File Extension' Ransomware uses AES 256 encryption to make the victim's files inaccessible. This allows the criminals responsible for the '.combo File Extension' Ransomware to take the victim's files hostage. The victim will no longer be able to open the affected files without the decryption key, which the criminals hold in their possession and will only give up in exchange for a ransom payment. The '.combo File Extension' Ransomware targets the user-generated files, including things like media files, databases, images, and numerous document types. The known examples of the files that threats like the '.combo File Extension' Ransomware target in their attacks are:

.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.

The '.combo File Extension' Ransomware makes the files it encrypts simple to recognize because the '.combo File Extension' Ransomware will add the file extension '.combo' to each affected file, as well as the contact email address for the criminals responsible for the '.combo File Extension' Ransomware. The '.combo File Extension' Ransomware also will make the affected files to show up as blank icons on Windows Explorer and they will not be accessible after being encrypted. Unfortunately, the '.combo File Extension' Ransomware uses an encryption method that is quite strong, and it is impossible to restore access to the affected files without the decryption key.

Dealing with the '.combo File Extension' Ransomware

It is not recommended to write to the '.combo File Extension' Ransomware's contact email or communicating with the criminals responsible for this attack in any way. Doing this puts you at risk for additional infections, and there is no guarantee that the criminals responsible for the '.combo File Extension' Ransomware will restore access to the affected data even after the victim pays the ransom. Because the '.combo File Extension' Ransomware attack uses a highly powerful encryption method, preventive measures are important to keep your data away from threats like the '.combo File Extension' Ransomware. The best prevention against the '.combo File Extension' Ransomware threat is to have file backups. This allows computer users to restore their files from the backup quickly without having to attempt to negotiate with criminals.