Remove Haron Ransomware
The Haron Ransomware is a dangerous file-encryption Trojan whose attack is easy to mitigate, but difficult to recover from. Needless to say, it is best to take preventive measures to make sure that threats of this type will not get a chance to cause damage to your system. If Haron Ransomware's attack is executed successfully, it will prevent you from accessing your most important data. The file types that this ransomware targets are numerous – documents, media, archives, and more. The contents of these files are encrypted, and then their names are changed to include an extension, which seems to represent the victim's name. In one of the analyzed samples, the ransomware used the '.chaddad' extension to mark the names of the files belonging to CHADDAD Group.
Unfortunately, victims might not have access to reliable data recovery options. There is no free decryption utility for the Haron Ransomware. The authors of the malware claim to own the decryption tool and keys necessary to complete the data recovery process. However, they ask for a ransom payment in exchange for the decryption service. Their full instructions can be seen in the ransom message 'RESTORE_FILES_INFO.txt' and 'RESTORE_FILES_INFO.hta,' which the Haron Ransomware drops on systems it compromises.
Haron Ransowmare Gang Threatens to Leak Files Online
Instead of using emails to contact the victims, the criminals are asking them to visit a TOR-based payment page. Victims are also provided with a login and password that will work on the TOR-hosted website. Allegedly, victims need to follow the instructions hosted there it get their data back. The criminals state that victims have three days to pay before they start publishing the contents of their data online. Needless to say, this is a serious threat since no company wants to have its contacts, databases, and conversations published online. Similar strategies are used by other new file-locker gangs like the AvosLocker Ransomware.
While Haron Ransomware's attack is very scary, victims should not be tricked into paying the ransom sum. The crooks offer no guarantee that the issue will be resolved once the payment is submitted. If you opt to pay them, you may not get anything in return. It is best to run an anti-malware tool to eliminate the threat, and then try out alternative file restoration options.