Gomasom also known as Google Mail ransom is a new ransomware. The name Google Mail ransom is related to the encrypted files names – they all have gmail email addresses on them.
Gomasom ransomware is not so similar to all other ransomware of this type. That’s because Gomasom can encrypt not only your files, but executables as well, so you won’t be able to use your applications.
It’s not known how this ransomware is distributed, so you should stick to the main rules of save web browsing in order to avoid it.
Once inside of your computer Gomasom will encrypt your files and change their names. They will be changed to [email protected]_.crypt (or any other email address). Cyber criminals expect users to contact that certain email address in order to get instructions how to pay the ransom and retrieve encrypted files.
Important: Do not contact cyber criminals and do not pay the ransom. You don’t need to do that because decryption tool for Gomasom is already developed. You can download it from here. Description how to use this decryption tool can be found there as well.
If you want to protect your computer and avoid ransomware or other viruses like this next time, we suggest to keep your computer secured with reliable anti-malware application all the time. You can use Spyhunter or Malwarebytes for this task – both of these applications should fully protect your system.
In case decryption tool can’t solve your problems, there is another way to get back your files. You can restore them from your back up. However, you must have an actual active backup in order to do that. More information on system backup can be found here: how to do system restore.
If you have some questions regarding this topic, feel free to ask them in the comments section below and we will do our best to provide you with needed assistance.
Update: the decrypter is now available at here: link. You can download it for free and successfully decrypt your files.