- February 8, 2017
- Posted by: Nigel
- Category: Scams & Security Threats
What is the Dharma Ransomware?
There is a new ransomware threat doing the rounds called Dharma and it is probably the most dangerous variant of ransomware that has been released to date!
The main concern with Dharma ransomware is it not only encrypts your user files, it also encrypts all critical data files on your computer including accounting packages, emails & backups files if your external hard drive is connected.
Currently there is no decryption tool available for Dharma.
This ransomware virus is thought to be an original creation of ransomware developers or just a newer version of some larger family of Crypto ransomware. Also, could it be as dangerous as Locky virus? Since the appearance of Dharma ransomware, experts pointed out it’s resemblance to the CrySiS ransomware and the fact that the initial version of the virus can be decrypted.
However, it can’t be done with the latest version of this ransomware known to use firstname.lastname@example.org for informing people about their encrypted files and ask them to pay a ransom. This information is also provided in info.hta ransom note. I should add that, according to the latest reports, the current version of Dharma uses these extensions that it appends to the target files: .dharma, .wallet, .zzzzz.
When infected with the virus, you might be required to an email address similar to these email@example.com, firstname.lastname@example.org, etc. I strongly suggest not to do that as you have absolutely no way of knowing what to expect from this bunch of extortionists and how contacting them might end. It is more reasonable to simply remove Dharma and use your computer normally again.
If you continue using it with a ransomware running, every time you reboot the system will result in new encrypted files.
How can I get infected with ransomware?
While trying to infect systems with this malware, the developers of Dharma ransomware have been actively relying on phishing. The scammers also use malicious spam campaigns to spread fraudulent emails with attached malware around and, sadly, the users often fall for their tricks.
If you, yourself, receive an email from some unknown sender, company or institution, carefully investigate it. Think about whether you expected such an email in the first place, if you have no idea why it has reached your email — it might be that you are being targeted by extortionists. In such a case, you should stay away from any attachments that might be added to the email and delete it immediately. Otherwise, Dharma can sneak in its malicious payload with some fake plane ticket, speeding ticket, parcel pickup or any other documents that might look convincing enough to be taken for granted.
How to remove Dharma from your PC?
All computer security unanimously agree that the best way to remove Dharma virus or any ransomware virus from the infected device is by scanning it with a professional anti-malware tool. Nevertheless, you probably remember that this virus is specifically good at hiding on the computer and may not even be detected by the security tools.