Dom Ransomware

The Dom Ransomware threat belongs to a class of malware designed specifically to render the victims' data unusable. By running an encryption routine on breached devices, these threats can lock documents, archives, databases, images and many other file types. The locked files are then used as leverage to extort money from the victims.

Ransomware threats typically mark the files they lock with a specific file extension. In this case, the Dom Ransomware changes the original names of the encrypted files considerably. The threat first appends an ID string that is unique to the specific victim. Next, 'dekrypt666@onionmail.org' is added. Finally, '.dom' is attached as a new extension. Victims will also notice an unfamiliar text file on the desktop of their systems. The file is named 'ENCRYPTED.txt' and its role is to deliver a ransom note with instructions from the cybercriminals.
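The renaming pattern and note name described above can drive a quick triage of a file listing. The Python sketch below is an added example, not part of the original entry; the entry gives only the order of the appended parts, so the separators around the ID string and the sample paths are assumptions.

```python
import ntpath
from collections import defaultdict

CONTACT = "dekrypt666@onionmail.org"   # address embedded in locked file names
EXTENSION = ".dom"                      # final extension added by the threat
NOTE_NAME = "encrypted.txt"             # ransom note name, compared case-insensitively


def match_locked(name):
    """Return the text before the contact address (original name plus victim
    ID) if the file name fits the renaming pattern, else None."""
    stem, ext = ntpath.splitext(name)
    pos = stem.lower().find(CONTACT)
    if ext.lower() != EXTENSION or pos <= 0:
        return None
    # Separator characters are not documented in the entry; strip likely ones.
    return stem[:pos].rstrip(" .-_[(")


def triage(paths):
    """Group hits by directory: prefixes of locked files and note presence."""
    hits = defaultdict(lambda: {"locked": [], "note": False})
    for path in paths:
        directory, name = ntpath.split(path)
        prefix = match_locked(name)
        if prefix is not None:
            hits[directory]["locked"].append(prefix)
        elif name.lower() == NOTE_NAME:
            hits[directory]["note"] = True
    # ENCRYPTED.txt alone is a weak signal: report note-only directories
    # only when locked files were found somewhere in the listing.
    any_locked = any(h["locked"] for h in hits.values())
    return {d: h for d, h in hits.items() if h["locked"] or any_locked}


# Constructed listing; the ID value and its separators are hypothetical.
SAMPLE = [
    r"C:\Users\alice\Desktop\ENCRYPTED.txt",
    r"C:\Users\alice\Documents\budget.xlsx.ID-0000.dekrypt666@onionmail.org.dom",
    r"C:\Users\alice\Documents\photo.jpg.ID-0000.[dekrypt666@onionmail.org].DOM",
    r"C:\Users\alice\Documents\notes.dom",
    r"C:\Users\alice\Documents\readme.txt",
]

if __name__ == "__main__":
    for directory, hit in triage(SAMPLE).items():
        print(directory, len(hit["locked"]), "locked, note:", hit["note"])
```

The returned prefixes still contain the victim ID, which helps map locked files back to their original names during recovery from backups.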

According to the message dropped by the Dom Ransomware, the only way to reach the threat actors is by messaging the email account found in the names of the locked files. Victims are told that they will also need to provide their specific MachineID and LaunchID. The ransom note doesn't reveal the size of the demanded ransom or whether the hackers are willing to decrypt a couple of files for free as a demonstration. Instead, the ransom-demanding message concludes with several warnings, such as not to rename the locked files or try to recover them via third-party software tools.

The full text of Dom Ransomware's note is:

'!!! ALL YOUR FILES ARE ENCRYPTED !!!

All your files, documents, photos, databases and other important files are encrypted.

You are not able to decrypt it by yourself! The only method of recovering files is to purchase an unique private key.

Only we can give you this key and only we can recover your files.

Do you really want to restore your files?

You can write us to our mailboxes: dekrypt666@onionmail.org

(in subject line please write your MachineID: - and LaunchID: -)

Attention!

* Do not rename encrypted files.

* Do not try to decrypt your data using third party software, it may cause permanent data loss.

* Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'
