E Sanders

Ransomware...

Recommended Posts

@felix Do not piggyback another support request in this part of the support forums. Even if they appear to be this same issue.

Any files that are encrypted with Dharma Ransomware (a new variant of CrySiS) will have an .[<email>].dharma, .[<email>].wallet or .<email>.zzzzz extension appended to the end of the encrypted data filename and leave ransom notes named README.txt, README.jpg as explained here.

 

Unfortunately, there is no known way, at this time, to decrypt files encrypted by Dharma variants without paying the ransom. Our crypto malware experts who analyze these infections suspect another cyber-criminal forked the code and generated their own keys which were not part of the leaked master decryption keys for the original CrySiS variants, see here.

Share this post


Link to post
Share on other sites
Hello, the person who encrypted my information sent me the private key and is asking me for 1000 dollars for the other key to decrypt

Share this post


Link to post
Share on other sites

Hello,

If you have the private encryption key, then you should not need another key to decrypt the files, as long as you were sent the decryption tool.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.