.SALMA File Extension

The Salma virus is a type of malware that first surfaced in August 2021 and is utilized as ransomware by cybercriminals. The ransomware may be used on all types of computer users to take their files hostage and hold them for ransom until the users pay the cybercriminals.

How did my computer get infected?

The Salma virus may be introduced when you download and run a trojan horse program disguised as a safe application or update. Or, you may open a malicious email attachment file. To prevent attacks like these, never open email messages from unverified senders or run programs unless you verify the developer.

What does the Salma ransomware do to my files?

Once introduced to your computer, the virus takes your files hostage by encrypting them and adding the .salma extension onto the names of your files. Any type of file may be encrypted, such as images, videos, presentations, spreadsheets, and documents. For example, an image.jpg file becomes image.jpg.salma.

The virus then generates a read_me.txt file in every folder that stores an infected file. The .TXT files are ransom notes that provide information explaining the hostile takeover of your files and how you can recover your files by paying a ransom (FileInfo does not recommend paying a ransom).

Since SALMA files are encrypted with AES-256 and RSA-1024 Asymmetric Encryption, you cannot open them. There is no program currently available that can decrypt SALMA files.

If your computer has been infected by Salma ransomware, the best option is to remove the ransomware and restore your files to their original state with a System Restore. However, performing a System Restore will cause you to lose any data since your last restore point. Therefore, you may want to back up data created since the last restore point.