Bad Dharma (Its been a busy week)

Call Gnosys today for your free consultation! 352.870.2034

Bad Dharma (Its been a busy week)

Bad Dharma (Its been a busy week)

What is Dharma?

Dharma is a new version of ransomware. Once its on your machine, the virus doesn’t fool around it looks for file servers and starts encrypting the it finds data immediately. The method of encryption makes file decryption almost impossible without the encryption key which is unique and is generated as a part of the encryption process. Affected files become useless because you can’t open or edit them.

The name of each corrupted file will be tagged with [email_address].dharma, [email_address].wallet or something to like that. Next, the virus drops two files (“README.txt” or “Document.txt.[amagnus@india.com].zzzzz”) in each folder with corrupted files. Dharma ransomware is very dangerous threat to your data.

Ransom amount is often not specified, instead they ask to contact them in order to get further instructions. Once payment is done, they will supposedly send you decryption key. But you should know that nobody can guarantee that they will fulfill their end of the bargain and so it is never advisable to pay the ransom.

The troubling thing about this ransomware attack is that is also encrypts .exe .zip and .bck files which means that it can create the need to reinstall software, corrupt the OS and, worst of all is that it will try to encrypt your backup files..and likely succeed.

This means that a robust anti-virus solution paired with onsite and offsite backups is critical.

How Dharma Get on Your Network?

Dharma ransomware most commonly infects your system with the help of phishing. Usually via spam emails with fake header information that users are likely to trust like Amazon, DHL or FedEx. Most of these emails will indicate that you should click the link to receive invoices, scanned documents or information about failed payment. The link in the email will point to and run the script to deploy the virus. Once launched the Dharma ransomware begins the encryption process. You can also get infected with Dharma virus downloading and installing fake software updates, games or programs from torrents.

Remember, that attention and caution are keys to computer safety.

Please feel free to contact Gnosys Networks with any questions or concerns.