Mobef-Salam Ransomware

The Mobef-Salam Ransomware is an encryption ransomware Trojan that was first observed on February 23, 2018. The Mobef-Salam Ransomware is very similar to other encryption ransomware Trojans released in recent times, including the Parisher Ransomware and the Mobef Ransomware. The Mobef-Salam Ransomware, like other encryption ransomware Trojans, will encrypt the victim's files using a strong encryption algorithm, delete file recovery measures on the infected computer, such as the Shadow Volume snapshots and system recovery points, and deliver a ransom note demanding a ransom payment from the victim in exchange for the decryption key required to restore the affected files. Ransomware Trojans like the Mobef-Salam Ransomware are becoming more common increasingly, and it is important that PC users take steps to protect their data from the Mobef-Salam Ransomware and other, similar malware threats actively.

Symptoms of a Mobef-Salam Ransomware Infection

The Mobef-Salam Ransomware will be installed after the victims open a phishing email file attachment. These emails impersonate legitimate senders such as Amazon or PayPal usually. They take the form of Microsoft Office files with embedded macro scripts that download and install the Mobef-Salam Ransomware onto the victim's computer when the file is opened. The Mobef-Salam Ransomware will use the AES 256 encryption to make the victim's files inaccessible. The Mobef-Salam Ransomware targets the user-generated files, which can range from pictures and videos to different documents types and databases. A few of the file types that may be compromised by attacks like the Mobef-Salam Ransomware include:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.

The Mobef-Salam Ransomware will demand a ransom payment in exchange for the decryption key necessary to restore the affected files after encrypting the victim's files. The Mobef-Salam Ransomware delivers its ransom note in a text file named 'READ.4YOU.txt.' This ransom note is dropped on the infected computer's desktop and contains the following message:

'APPID: [EDITED]
COMPUTER: [EDITED]
LOGIN: [EDITED]
*******
salam. haha sorry i kript ur filez. they safe, so no needs w0rring. but u cant break my l33t cipher, if u wanna back filez email me quick 0k? you pay me bitcoins...
maktoob786@takfir24.net
byezzzzz
c:\windows\2xxxxx.log'

Judging from previous versions of the Mobef-Salam Ransomware and related ransomware Trojans, the ransom amount tends to be close to 1000 USD, to be paid in Bitcoins. However, infected PC users should think carefully before agreeing to pay the Mobef-Salam Ransomware ransom or contacting the people responsible for this attack. The chances of getting back the affected data with the help of the people behind a ransomware attack are almost nonexistent. Instead, affected users should do whatever it is necessary to combat the Mobef-Salam Ransomware and similar threats.

Protecting Your Data from Threats Like the Mobef-Salam Ransomware

The best protection against ransomware Trojans like the Mobef-Salam Ransomware is to have file backups in highly protected places. Having backup copies of your files removes any leverage that allows the cybercrooks to demand money from you in exchange for your files. A trustworthy security program that is fully up-to-date can prevent the Mobef-Salam Ransomware from being installed in the first place. Since the Mobef-Salam Ransomware and similar threats may rely on spam email attachments to reach the victim's files, learning to recognize and avoid these tactics is an essential part of preventing these attacks.