Gomasom Ransomware

Posted: December 22, 2015
Threat Metric
Threat Level: 8/10
Infected PCs 16

Gomasom Ransomware Description

The Gomasom Ransomware is a file encryptor that scans your hard drive for your files and encrypts them by modifying it with a data-scrambling algorithm that makes these files unable to be read by their programs. As one would assume from its name, the Gomasom Ransomware initiates these attacks in the hope of forcing its victims to pay a ransom fee, but malware researchers recommend using free means of recovering any lost files. However, before any data recovery begins, you should remove the Gomasom Ransomware, like all threatening software, with the anti-malware scanner of your preferred brand.

The Time to Turn Away from Google Mail

The Gomasom Ransomware has its name from using Gmail as its ransom communication platform of choice. This choice is more than superficial, and the Gomasom Ransomware inserts its admin's e-mail address in the names of any files the Gomasom Ransomware attacks. Besides the included e-mail address, the Gomasom Ransomware also appends the '.CRYPT' extension, although, as with similar threats, this supposed file format change is purely cosmetic.

The Gomasom Ransomware conceals its primary files within a 'Microsoft Help' directory and sets its launch for your next Windows login. After being launched, the Gomasom Ransomware scans for files of various types, including executables (.EXE files), and encrypts them. The associated files can no longer open until they run through a similar decryption process, which requires a key specific to the Gomasom Ransomware infection.

PC users are expected to contact the e-mail address seen in their files and pay the threat author for restoring their files. Such a solution runs into the usual obstacles that malware experts warn of: that the associated third-party has no impetus to honor his word, and that many file encryptors like the Gomasom Ransomware possess flaws that make file recovery infeasible in the first place.

Fortunately, current versions of the Gomasom Ransomware uses a decryption method similar to earlier file encryption Trojans, which has led to third parties in the security industry already developing free decryptors. These tools may require significant time to brute force the decryption key from a sample file. However, once the key is acquired, it can be used for restoring all files affected in a given attack.

Taking Your PC Back from a File Kidnapper

By not bothering to use a stronger decryption method or load a specific ransom message for its victims, the Gomasom Ransomware shows off the standard operating procedure of many of the simpler, less professional file encryptors of 2015. However, even a simplistically-coded Trojan may be threatening to your files and the overall security of your computer. Because the Gomasom Ransomware's distribution methods are unknown, malware experts only can warn about previous, common exploits, including e-mail spam, threatening browser scripts, illegal file downloads and obfuscated Web links.

The Gomasom Ransomware's similarity to other file encryptors may mean that the Gomasom Ransomware is the product of a general ransomware development kit. This possibility makes it likely that similar file encryptors may be seen in distribution by different sources soon. Whether you need to remove the Gomasom Ransomware or a similar threat using slightly different tactics, you always should resort to using dependable anti-malware programs.

Common sense backup strategies, such as using cloud server backups, also continue being effective against the encryption attacks used by the Gomasom Ransomware and other Trojans of the same type.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Gomasom Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware Gomasom Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.