The cunning Hermes Ransomware accurately replicates all the nasty arsenal of the modern ransomware applications. It shares a lot of similarities with Serpent or CryptoKill Ransomware programs we’ve been reporting lately. Although each one of them has some unique feature, the end goal remains the same – encrypt your files and demand a ransom for unblocking them.
In this particular case, all infected files get a new extension of «.HERMES». It is easy to miss that something is wrong and your security along with the data is compromised if you don’t have any anti-malware protection. After finishing the encryption, this ransomware informs the user with a note that demands a ransom to be paid. Malicious programs like Hermes Ransomware often suggest using Bitcoin wallets to pay for the decryption key that will bring your files back to normal deleting the .HERMES extension.
Hermes Ransomware uses the RSA-2048 encryption algorithm. After encryption is complete the virus creates a file named DECRYPT_INFORMATION.html and puts another one called UNIQUE_ID_DO_NOT_REMOVE on your desktop. Those files explain to users what just happened and give instructions what to do next. In addition to that, the hackers offer to test their decryption tool by decrypting three files of your choice sent to them via email (firstname.lastname@example.org).
According to the latest research, there is a chance that a free decryption tool for Hermes Ransomware will be created by security experts. However, the progress is rather slow, and we don’t have any specific info yet.
We still don’t have a full list of the main spreading techniques for this ransomware, but it is safe to safe that most common strategies are in use. We’re talking about typical stuff like:
You can deal with the Hermes Ransomware threat in two ways – manually or use a trusted anti-malware program. We would recommend the second option to prevent accidental harm done to your system in the process. File-encrypting programs like this one are often disguised as safe-looking files. Deleting wrong files might cause additional problems with your OS. For more information, please, continue to read the paragraph below.
Symptoms of Hermes Ransomware infection on your computer can be: computer crashes, unusual homepage or search engine on your browser, unwanted pop-up ads and advertising banners. We recommend to download our automatic removal tool. This removal tool has been tested for Hermes Ransomware threat removal and it is easy to use.
After performing all of the steps above you should have all of your web browsers clean of the HERMES RANSOMWARE and other suspicious add-ons and extensions. However to complete the removal procedure we strongly advise to scan your computer with antivirus and anti-malware tools like SpyHunter, HitmanPro 32-bit, HitmanPro 64-bit or Malwarebytes Anti-Malware. Those programs might help to you find registry entries of malware and remove them safely.