MMM ransomware : Updated and Continues Distributing in 2018

MMM Ransomware – Updated & Continues To Infect Wide Range of Windows PC

This year, in the beginning of 2018, team of malware researchers have reported about the new ransomware that adds .info or .triple_m suffix to encrypt file. According to the depth analysis by researcher, it’s sample is related with MMM ransomware. However, first of all this ransomware was discovered on August 14th, 2017 and after that it updated by its developers and continues to effect Windows PC in 2018. It uses the strong combination of AES + RSA + HMAC file encryption cipher algorithms to encrypt all stored files on infected machine. Originally, it uses “.0x009d8a” file extension to lock file but now it uses another two file extension that mention above.

File Encryption Procedure of MMM Ransomware

Upon the successful data and file encryption, MMM ransomware uses Hash-based message Authentication Code to access C&C servers and then drops a ransom note on desktop screen in html file format known as ‘restore_0x009d8a_files.html”. But recently, it comes in updated version and infecting wide range of Windows PC very rapidly. It’s recent update data recovery instruction are provided in ‘RESTORE_triple_m_FILES.html’ file. The ransom note delivers the brief explanation on file encryption procedure and method used to corrupt files. By displaying ransom message hackers warns victim to recover files with help of cyber criminals otherwise your data might get corrupt. Hackers also mentioned in the ransom note that the victims has only 6 days to purchase the file decryption key and the price of ransom fee is 1.2 BTCs.

Don’t Pay Ransom Fee Demanded By MMM Ransomware

Hackers also advised victim to write to [email protected] for the data decryption instructions. According to the priority of data, most of the System users easily get agreed to contact with cyber criminals but security analysts strictly warned victim to do so because there is no any guarantee deliver by its developers to deliver the file decryption key even paying ransom fee. Instead of contacting with the cyber hackers, you must take an immediate action to delete MMM ransomware from compromised Windows machine.

Transmission Preferences of MMM Ransomware

There are numerous tricky, deceptive and social engineering tactics used by the developers of MMM ransomware to compromise PC. But mainly it is delivered to victim via use of the corrupted spam email attachment, embedded or dubious links using spam email messages. Opening of any spam message that arrives on your inbox from unknown sender may secretly lead you to this MMM ransomware. Besides spam campaigns, it may also infect your System via bundling method, pirated software, infected game servers, P2P file sharing network, malicious domain, P2P file sharing sources and many more. The infiltration channels of MMM ransomware may varies time-to-time but mainly spread via the Internet. You can avoid PC from attack of ransomware by opting some simple prevention measures.

Safeguard Tips To Keep PC Safe Against MMM Ransomware

  1. Be cautious while browsing web or surfing Internet.
  2. Download any software or application from only affiliate or official sources.
  3. Keep your installed application or operating System up-to-date.
  4. Never open any files or attachment that received from the suspicious email addresses.
  5. Use only legitimate or trusted anti-virus software to scan your PC.

To delete MMM Ransomware or other variant of ransomware easily, you may visit –

Leave a Comment

Your email address will not be published. Required fields are marked *