Danger level 6
Type: Trojans
Common infection symptoms:
  • Normal system programs crash immediately
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

BOMBO Ransomware

BOMBO Ransomware is a dangerous computer infection that will not let you work on your computer properly because it will encrypt your files. When your files are encrypted, your system can no longer read them, and you have to look for ways to restore them. If you have a file backup, restoring your files is a piece of cake. If not, you may have to resort to other file recovery methods. Don’t forget that you also have to remove BOMBO Ransomware from your system. Luckily, the malware removal isn’t that complicated, but you should also invest in a licensed antispyware tool.

This infection is not a stand-alone infection. It means that it comes from a group of similar intruders, and all of them are based on the same code. Consequently, all programs from this group will behave in a similar manner, although we can’t apply the same decryption key across different programs from the same family, and that is a bummer, so to speak. The ransomware family in question is the Crysis Ransomware group. Therefore, BOMBO Ransomware is rather similar to Skynet45@tutanota.com Ransomware, BTC@fros.cc Ransomware, and others. It will also employ similar distribution methods to reach you.

How do ransomware programs spread around? For the most part, spam email attachments are the most common ransomware distribution method. It may seem quite redundant because anyone can simply delete the email without even checking its contents, thus avoiding the infection. However, there are tons of users out there who get tricked into opening a spam email message. And then, they download and open the attached file that eventually launches the malicious infection. How come users think those attached files are important?

Well, that’s mostly because the attached files look like legitimate documents. And if users deal with such documents and similar emails every single day, they might think it’s just another file they have to process. Of course, a closer look at the message that comes with the file would tell you that something is off. However, the most efficient way to avoid BOMBO Ransomware is to scan the received files before opening them. Use a powerful security application that would help you determine whether the files are legitimate or not.

On the other hand, if you happen to have BOMBO Ransomware on your computer, you will definitely see that your files have gotten encrypted. All the affected files have the “.id-X0X0XXX0.[Bit_decrypt@protonmail.com].BOMBO” extension. Please note that the X0X0XXX0 part stands for a unique ID that every single infected system gets separately. This ID allows the criminals to determine how many unique systems were infected, and it also functions as an identification tool.

With the encryption, you also get a ransom note. We have an extract from the message here:

Don’t worry, you can return all your files!
If you want to restore them, follow this link: [email address]
If you have no been answered via the link within 12 hours, write to use by e-mail: [email address 2]
Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.

As you can see, the criminals imply that they are the only ones who have the decryption key and who can help you restore your files. However, these claims shouldn’t stop you from removing BOMBO Ransomware and looking for other ways to get your files back. Not to mention that there shouldn’t be a problem if you have a full file back-up ready.

Removing BOMBO Ransomware from the system isn’t too hard either. Yet, if you do not feel confident about manual removal, you should clearly acquire a licensed antispyware tool that will help you terminate BOMBO Ransomware for good.

When you have your system protected, don’t forget to consider creating a new file back-up (if you haven’t had one). While you may have dealt with one ransomware threat, don’t forget that you could encounter something like BOMBO Ransomware in the future, too. So, you have to be ready when that happens.

How to Remove BOMBO Ransomware

  1. Delete unfamiliar files from Desktop.
  2. Delete unfamiliar files from the Downloads folder.
  3. Press Win+R and type %TEMP%. Click OK.
  4. Delete the most recent files from the directory.
  5. Press Win+R again and type %APPDATA%. Click OK.
  6. Remove the Info.hta file.
  7. Go to Microsoft\Windows\Start Menu\Programs\Startup.
  8. Delete the Info.hta file and the EXE file with a random name.
  9. Run a full system scan with SpyHunter.
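
A read-only PowerShell triage script for the locations named in the steps above, added here as an example and not part of the original guide: it lists candidates with their hash and signature status and deletes nothing. The 7-day window, the default Downloads path and the list of file types are assumptions.

```powershell
# Read-only triage for the removal steps above: lists candidates, deletes nothing.
$ErrorActionPreference = 'SilentlyContinue'

# Extension format quoted in the article; the closing bracket is matched optionally.
$encrypted = '\.id-(?<id>[^.]+)\.\[Bit_decrypt@protonmail\.com\]?\.BOMBO$'
$startup   = Join-Path $env:APPDATA 'Microsoft\Windows\Start Menu\Programs\Startup'
$cutoff    = (Get-Date).AddDays(-7)   # assumed window for "most recent" files

function New-Finding($Reason, $File) {
    [pscustomobject]@{
        Reason    = $Reason
        Path      = $File.FullName
        Modified  = $File.LastWriteTime
        Signature = (Get-AuthenticodeSignature -LiteralPath $File.FullName).Status
        SHA256    = (Get-FileHash -LiteralPath $File.FullName -Algorithm SHA256).Hash
    }
}

$findings = @()

# Steps 5-8: the Info.hta file in %APPDATA% and in the Startup folder.
foreach ($dir in $env:APPDATA, $startup) {
    Get-ChildItem -LiteralPath $dir -Filter 'Info.hta' -File -Force |
        ForEach-Object { $findings += New-Finding 'Info.hta' $_ }
}

# Step 8: executables that launch at logon from the Startup folder.
Get-ChildItem -LiteralPath $startup -Filter '*.exe' -File -Force |
    ForEach-Object { $findings += New-Finding 'EXE in Startup' $_ }

# Steps 1-4: recently written files in Desktop, Downloads (default path assumed)
# and %TEMP%, limited to an assumed set of executable and script types.
$dropDirs = [Environment]::GetFolderPath('Desktop'),
            (Join-Path $env:USERPROFILE 'Downloads'), $env:TEMP
Get-ChildItem -LiteralPath $dropDirs -File -Force |
    Where-Object { $_.LastWriteTime -gt $cutoff -and
                   $_.Extension -match '^\.(exe|hta|js|vbs|scr)$' } |
    ForEach-Object { $findings += New-Finding 'Recent file in drop location' $_ }

$findings | Format-List

# Encrypted files under the profile, grouped by the per-system ID in the name.
Get-ChildItem -LiteralPath $env:USERPROFILE -Recurse -File -Force |
    Where-Object { $_.Name -match $encrypted } |
    Group-Object { [regex]::Match($_.Name, $encrypted, 'IgnoreCase').Groups['id'].Value } |
    Select-Object @{n='VictimId';e={$_.Name}}, Count
```

Review the listed paths before deleting anything by hand; a legitimate signed program in the Startup folder will show a `Valid` signature status.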