Domn Ransomware

File-encryption Trojans continue to be one of the most profitable hacking tools that cybercriminals use. These Trojans' primary purpose is to infect a computer, disable popular data recovery options, and then launch a destructive file-encryption attack that leaves victims with tons of encrypted documents, archives, videos and other files. One of the notable ransomware families active in 2019 is known as the STOP Ransomware family, and its ranks were bolstered by a new member – the Domn Ransomware recently.

Just like previous variants of the STOP Ransomware, this one also is considered to be incompatible with free data decryption solutions. Cybersecurity researchers' attempts to crack the Domn Ransomware's encryption have been unsuccessful so far, and victims of this threat may have a very difficult challenge ahead of them when it comes to recovering their files.

The Domn Ransomware might Reach Victims via a Phishing Email

Threats like the Domn Ransomware are often delivered via corrupted email attachments, which are accompanied by a bogus email that declares to come from a reputable source – a job agency, a delivery service or even a government institution. The criminals behind ransomware threats are known to use advanced social engineering techniques to trick their victims into opening harmful file attachments. When the Domn Ransomware is launched, it will get to work by carrying out its tasks in the background immediately. It encrypts various file formats to maximize its damage, and it always ends the attack by leaving a ransom note in the file '_readme.txt.'

According to the contents of the ransom message, victims can recognize the encrypted files by the '.domn' extension that was added at the end of their names. Furthermore, victims are told that they have a limited deadline to contact the perpetrators and complete a ransom payment for data decryption services. The price is set to $490, but it may be doubled if the user does not pay out on time. The authors of the Domn Ransomware have opted to use the emails gorentos@bitmessage.ch and gorentos2@firemail.cc for communication purposes.

If you think that the Domn Ransomware has infected your computer and taken your files as hostages, then we advise you not to co-operate with the threat's operators. They may take the money and leave you in the dark – many ransomware authors have tricked their victims like that in the past. Instead of co-operating with anonymous criminals, you should use a reputable anti-virus product to eliminate the Domn Ransomware's files, and then look for popular data recovery options.