Koom Ransomware
The Koom Ransomware belongs to the STOP/Djvu family of ransomware threats and, as such, doesn't display any meaningful improvements over the typical variants from the STOP/Djvu family. To distinguish itself from the rest it uses a different file extension to mark the files it encrypts. In this case, users will notice that their locked files have '.koom' appended to their original names.
When the Koom Ransomware has finished encrypting all files that match its list of targeted file types, it will proceed to deliver a ransom note to the infected system as a text file named '_readme.txt.' The note contains the usual instructions associated with STOP/Djvu threats.
Victims are told that to receive the decryption key and software tool necessary for the restoration of the files, they will have to pay the sum of $980 to the hackers. However, if the affected users initiate contact within the first 72 hours, the amount of the ransom will supposedly be decreased by 50% to $490.
To receive further instruction on how to transfer the money, victims are directed to contact the two email addresses found in the ransom note - 'manager@mailtemp.ch' and 'managerhelper@airmail.cc.' They also can attach a single locked file that the hackers promise to decrypt and return for free.
The full text of the ransom note:
'ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-vtoEIhR0SI
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
manager@mailtemp.chReserve e-mail address to contact us:
managerhelper@airmail.ccYour personal ID:'
