Covm Ransomware

Covm Ransomware Description

The Covm Ransomware is a file-locking Trojan that's from the Ransomware-as-a-Service known as STOP Ransomware and Djvu Ransomware. While its identifying characteristic is stopping files from opening for a ransom, it also may include side effects like blocking websites and wiping backups. Professional anti-malware tools will delete the Covm Ransomware ordinarily automatically, and offsite backups can provide an always-reliable file recovery.

The Service that Never 'STOPS' Giving

While Ransomware-as-a-Service may rise and fall with activity, depending on the cryptocurrency market, it still is a reasonably-dependable moneymaker for criminals in 2020. One of the largest families to date, the STOP Ransomware, is nowhere near an evident conclusion. Threat actors continue hiring the Trojan with barely-custom variants that they deploy in the time and place of their choosing – like the Covm Ransomware.

Early versions of this family, such as the Rumba Ransomware, the Promock Ransomware, or the STOP-roland Ransomware, have no coherent theme. However, by the time of the Covm Ransomware, Sqpc Ransomware, et al., the Trojans use names consisting of four randomly-generated characters. The Covm Ransomware, like some of its relatives, also pretends that it's a temporary or TMP file in its filename, as part of avoiding any visibility during its installation and setup.

The Covm Ransomware's most threat-defining threat is encryption, which blocks files of formats like PDF or DOC documents, JPG or GIF pictures, and other media. This feature may retrieve the encryption key from a Command & Control server, but the Covm Ransomware also can implement an offline equivalent for unreliable connectivity scenarios. Users always can detect the non-opening files by looking for the secondary extension that the STOP Ransomware variant inserts, such as the Covm Ransomware's 'picture.jpg.covm.'

There's More than Extortion in this Trojan's Family

The unlocker or decryptor that the Covm Ransomware sells is, from the point of view of the attacker, the second most crucial function of the Trojan. In contrast, from the victim's standpoint, the Covm Ransomware includes more concerning issues that can endanger most Windows systems from different angles. It may block websites by making Hosts file changes, erase data associated with the Restore Points, and generate fake Windows update progression bars. Some versions of the Covm Ransomware's family also include other threats, such as spyware.

Users should invest in backup safeguards that aren't at risk from a local program's deleting them non-consensually, such as cloud services. They also should be careful around the infection vectors that are highly notable for circulating the STOP Ransomware Trojans, including software piracy-themed torrents and fake updates on compromised websites. Safe Web-browsing habits and strong passwords will protect nearly all potential victims from the Covm Ransomware campaign.

In the event of these protections failing, users always have the option of containing or removing the Covm Ransomware through appropriate anti-malware products. The STOP Ransomware family has no substantial defenses against such programs.

The all-too-familiar story of another STOP Ransomware attack is something that only stops when victims stop paying the ransom. The Covm Ransomware owes its existence to users not protecting themselves until it's too late, whether their precious files are on a smartphone or a desktop computer.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Covm Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Posted: May 22, 2020
Home Malware Programs Ransomware Covm Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.