Remove Coms Ransomware

The Coms Ransomware is a file-locker that you do not want to deal with. It is part of the infamous Dharma Ransomware family, and users who fall victim to its attack will not have access to a free decryptor. This malware uses a strong file-locking mechanism, which is impossible to reverse via free utilities. Thankfully, victims should still be able to restore the files from a backup, but users who do not have access to a backup might be in a lot of trouble. Other members of this family are the Bdev Ransomware and the Ctpl Ransomware.

Just like other ransomware attacks, this one also focuses on extorting money from its victims. Coms Ransomware's creators drop a ransom note called 'FILES ENCRYPTED.txt', which explains the attack to the victim and instructs them to send Bitcoin to the attackers in exchange for decryption software. They also offer to unlock one file for free, as long as the victim sends it to golbnaty@aol.com or supporte@onionmail.org.

The files that Coms Ransomware damages are recognizable by the '.id-<VICTIM ID>.[golbnaty@aol.com].coms' extension appended to their names. Keep in mind that removing the newly added suffix does not decrypt the contents of the file; they will still be unusable.

Victims of the Coms Ransomware should ignore the message of the extortionists. Instead, they need to run an up-to-date anti-malware tool to assist with Coms Ransomware's removal. After the malware is gone, users should proceed to restore from a backup or experiment with other data recovery options.
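To plan a restore from backup, it helps to know exactly which files were locked and what they were originally called. The following script is an added example, not part of the original article or any vendor tool: it walks a directory tree, matches the suffix and ransom note name described above, and lists each locked file with the name to restore. The victim ID format (no dots or path separators), the generic capture of the bracketed contact address, and the sample file names are assumptions.

```python
import os
import re
import tempfile

# Suffix from the article: .id-<VICTIM ID>.[golbnaty@aol.com].coms
# Assumption: the victim ID contains no dots or path separators.
SUFFIX_RE = re.compile(
    r"^(?P<original>.+)\.id-(?P<victim_id>[^./\\]+)"
    r"\.\[(?P<contact>[^\]]+)\]\.coms$", re.IGNORECASE)
RANSOM_NOTE = "FILES ENCRYPTED.txt"  # note name given in the article

def parse_name(filename):
    """Split a locked file name into original name, victim ID and contact."""
    match = SUFFIX_RE.match(filename)
    return match.groupdict() if match else None

def inventory(root):
    """Walk root and list locked files (with the name to restore) and notes."""
    report = {"locked": [], "notes": [], "victim_ids": set()}
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            full = os.path.join(dirpath, name)
            if name.lower() == RANSOM_NOTE.lower():
                report["notes"].append(full)
                continue
            info = parse_name(name)
            if info:
                restore_as = os.path.join(dirpath, info["original"])
                report["locked"].append((full, restore_as))
                report["victim_ids"].add(info["victim_id"])
    return report

def build_sample_tree(root):
    """Create constructed sample files (empty, harmless) for the demo."""
    names = [
        "budget.xlsx.id-1A2B3C4D.[golbnaty@aol.com].coms",  # constructed ID
        "archive.tar.gz.id-1A2B3C4D.[golbnaty@aol.com].coms",
        "untouched.txt",
        RANSOM_NOTE,
    ]
    for name in names:
        open(os.path.join(root, name), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for locked, restore_as in inventory(tmp)["locked"]:
            print(f"{locked} -> restore as {restore_as}")
```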

May 13, 2021
