Ransomware Wiki
Ransomware Wiki

.MERRY Ransomware Overview[]

The .MERRY ransomware is a dangerous new virus which bears its origins from the Merry Christmas ransomware family. Like other related threats it encrypts target user files and demands a ransomware fee to restore access to the compromised data.

The virus itself is written in the Delphi programming language and is distinctive from other similar threats as it uses a custom encryption algorithm. Upon infection it scans all connected drives of the infected machine.

Various popular file types are targeted by the encryption engine – various documents, audio files, photos, videos, game saves, configuration files, backup images and etc.

All affected data receive the .merry extension.

.MERRY Ransomware Note[]

ALL COMPUTER DATA ENCRYPTED

TIME AFTER ALL FILES WILL BE DELETED

YOUR ID

NOW YOU NEED TO PAY TO RECOVER YOUR DATA

AFTER MONEY TRANSFER YOU WILL RECIEVE THE DECRYPTOR

CONTACTS

TELEGRAM @comodosecunty

EMAIL comodosec@yandex.com

Any attempts to return your files with the third-party tools can be fatal for your encrypted files! The most part of the third-party software change data within the encrypted file to restore it but this causes damage to the files.

Finally, it will be impossible to decrypt your files! There are several plain steps to restore your files but if you do not follow them we will not be able to help you!

.MERRY Ransomware Distribution[]

The .Merry ransomware is primarily distributed using one of the following methods:

  • E-mail Messages – The hackers send various types of e-mail messages to the predefined targets. In most cases they use social engineering tricks that present the attached links or attachments as legitimate files. Often hackers employ .zip archives which carry the malicious payload in themselves.
  • Malicious Ads – Various types of online content can present ads or links that may redirect to the virus. Such ads can be served on hacked sites, browser hijackers and various redirects.
  • Software Installers  – One of the most efficient ways of obtaining the infection is by downloading a software installer from an untrusted download site or P2P networks like BitTorrent.

.MERRY Ransomware Removal[]

In-depth removal instructions and detailed technical information about the virus can be found on Best Security Search.