Esolutions warning: Combo ransomware still actively attacks all over the world

Dangerous ransomware is alive and attacking

Ransomware is one of the most dangerous silent intruders because it demands a ransom for encrypted files. But as we always advise, you shouldn’t be paying the ransom. This may lead to permanent data or even money loss. If you happened to encounter this particular Combo ransomware, be aware that this is a virus created by cybercriminals and they are not trustworthy. Paying the demanded ransom or contacting these people can get you nowhere. Hackers tend to disappear and ignore their victims after the payment is done.

Often virus developers suggest the free decryption of a few files or promise to send you a decryption tool. However, there is a very little possibility that this decryption tool exists. They only care for getting your money, not about your locked files. The best way to get your files restored is data recovery software or backups. But you can perform this file restoring only after the proper virus removal.

Combo ransomware functionality

Since this is a version of Dharma ransomware, it works similarly to other versions in this family. The first thing Combo virus does after infiltration is a full system scan. It determines if the system was encrypted already or not. If not, ransomware utilizes sophisticated encryption algorithms and locks most of your data. The virus ads file extension in the pattern{ID-here}.[[email protected]].combo to each modified file. These can be anything from photos, videos to documents or archives. This process makes those files unreachable.

After this encryption process is successful ransomware places a ransom note on every folder containing encrypted files and possibly displays the message on your Desktop wallpaper or in an HTML window. In this note, there is more information about the attack. Criminals suggest you contact them via [email protected] email address after you pay the ransom. The ransom amount is not stated in this message, but often it starts with 1 BTC.

Tips on preventing ransomware

The only tip on malware like Combo ransomware prevention is paying more attention. These intruders come via spam email attachments, in most cases. Those emails can be filled with commercial content and one of those links infected with malicious script. There also a macro-virus that can be found on the safe-looking document. The minute you download and open this file on your device you get the cyber infection. You should be more cautious while opening random emails and try to clean your email box more often, so you are not tricked into any scam.

The first thing you need to consider when thinking about virus prevention is sources of your software. You need to get your freeware, applications from reputable sources. Especially anti-malware tools that Combo ransomware removal requires. These need to be reliable to work correctly. Use trustworthy tools and get rid of this ransomware. Then, try data recovery tools. This is very important because ransomware can encrypt any data on plugged in devices. Double-check if the system is clear and then recover your data from a backup.

Posted in support.