'.cccmn File Extension' Ransomware

'.cccmn File Extension' Ransomware Description

The '.cccmn File Extension' Ransomware is a file-locking Trojan from the Dharma Ransomware sub-division of the Crysis Ransomware family. Attacks by these threats use the AES and RSA encryptions for locking your PC's media content, as well as erasing Windows backups and delivering ransoming demands in Web pages. Most anti-malware programs can delete the '.cccmn File Extension' Ransomware safely from your computer, but there is no free decryption or unlocking solution for the modern iterations of this Trojan.

A Pretense of Security Software is Attacking Your Files

Between old variants of the Dharma Ransomware, like the 'wisperado@india.com' Ransomware and the Wallet Ransomware, along with new models such as the 'help@decrypt-files.info' Ransomware and the '.AUDIT File Extension' Ransomware, this family is sustaining regular, extortionist activity for profit. The long-term growth of its RaaS model of business, also, is experiencing some variety in how different criminals choose to exploit the file-locking Trojan on a case-by-case basis. For example, malware experts are verifying the '.cccmn File Extension' Ransomware's use of a fake security software disguise.

The '.cccmn File Extension' Ransomware's choice for concealing itself is different from that of the equally-recent the '.AUDIT File Extension' Ransomware completely, whose campaign uses shareware credentials for hiding its executable. Instead, the '.cccmn File Extension' Ransomware takes the risk of pretending that it's a product by Emsisoft, an AV and anti-malware company. However, just as with the second Trojan, the '.cccmn File Extension' Ransomware doesn't hijack digital signatures for completing the disguise and making it appear authentic.

Once it's on-board a Windows PC, the '.cccmn File Extension' Ransomware collects and uploads system information for identifying the infection to the threat actor and transferring over the decryption credentials. More importantly than that, it searches for, and encrypts, numerous media formats in multiple folders on the computer, such as documents, pictures or archives. The extension that the Trojan adds is unique to this campaign, and malware researchers find different filename-identifiers in other variants of Dharma Ransomware regularly.

A Measure of Security against a Fake Security Program

Traditional infection strategies for different releases of the Dharma Ransomware (and its overarching family of the Crysis Ransomware) involve 'hacking' a non-secure login with brute-force attacks, as well as taking advantage of RDP features, with an emphasis on business-owned servers. Some users also could endanger their PCs by opening corrupted e-mail attachments, and malware researchers, periodically, find cases of Web browser-driven exploit kits dropping file-locking Trojans of various types. Since there isn't a free decryption option for the '.cccmn File Extension' Ransomware, saving files emphasizes backups and infection-preventing security steps.

While Windows does keep backups of file data for 'rolling back' to a previous state, the '.cccmn File Extension' Ransomware is likely of wiping this information, just like other versions of the Dharma Ransomware. No substantial symptoms are visible for victims while its encryption routine runs, and malware researchers warn that infections are equally likely of entailing long-term security issues from a threat actor's possessing backdoor access. Disable your network connection and remove the '.cccmn File Extension' Ransomware with a trusted anti-malware program before retrieving your files from their backups, if it's possible.

The '.cccmn File Extension' Ransomware isn't being extremely unorthodox with how it hides while locking your media, but creativity isn't a requirement for the success of a digital ransom. Paying after the fact for not protecting your files, instead of paying the price of a good backup solution, inevitably, will be more expensive than doing otherwise.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to '.cccmn File Extension' Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Posted: November 12, 2018
Home Malware Programs Ransomware '.cccmn File Extension' Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.