Dom Ransomware

By Mezo in Ransomware

Translate To:

The Dom Ransomware threat belongs to a malware type designed specifically to render the data of the targeted victims unusable. By running an encryption routine on the breached devices, these threats can lock any documents, archives, databases, images and many other file types. The impacted files will be used as a way to extort money from the victims.

Ransomware threats typically mark the files they lock with a specific file extension. In this case, the Dom Ransomware will change the original names of the encrypted files considerably. The threat will first append to them an ID string that is unique for the specific victim. Next, 'dekrypt666@onionmail.org' will be added. Finally, '.dom' will be attached as a new extension. Victims also will notice the appearance of an unfamiliar text file on the desktop of their systems. The file will be named 'ENCRYPTED.txt' and its role is to deliver a ransom note with instructions from the cybercriminals.

According to the message dropped by the Dom Ransomware, the only way to reach the threat actors is by messaging the email account found in the names of the locked files. Victims are told that they also will need to provide their specific MachineID and LaunchID. The ransom note doesn't reveal the size of the demanded ransom or if the hackers are willing to decrypt a couple of files for free as a demonstration. Instead, the ransom-demanding message concludes with several warnings, such as not renaming the locked files or trying to recover them via third-party software tools.

The full text of Dom Ransomware's note is:

'!!! ALL YOUR FILES ARE ENCRYPTED !!!
All your files, documents, photos, databases and other important files are encrypted.
You are not able to decrypt it by yourself! The only method of recovering files is to purchase an unique private key.
Only we can give you this key and only we can recover your files.
Do you really want to restore your files?
You can write us to our mailboxes: dekrypt666@onionmail.org
(in subject line please write your MachineID: - and LaunchID: -)
Attention!
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software, it may cause permanent data loss.
* Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Dom Ransomware

Submit Comment

Related Posts

DominantNetwork

Ttdomen.top

News-domeku.com

Crisp-freedom.com

Domesticfutures.com

Domdlyph.com

Trending

Safe Search Eng

Findtheirreport.com

MarioLocker Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen