The terror of the dangerous Dharma Ransomware has reached Cyprus. The cybercrime unit has cautioned users that they must follow a set of necessary steps for ransomware removal and detection. The department has especially mentioned the name of the Dharma family— corrupting and encrypting data of the local user—and advised users to be wary of it.
Recently, Dharma has been active in the region where corporations, businesses, and offices were ravaged with the ransomware via several strategies. One of the infection techniques was the use of spam email campaigns where the emails were pretended to be sent from renowned brands. Other common tricks included tricking users via insecure websites. These websites were hacked in such a way that any click or typing of information by a user could result in the user’s PC being attacked by the ransomware.
As Dharma Ransomware successfully enters a user’s PC through any of its distribution strategies, the PC transforms into a digital hostage. The files that are stored in the servers are locked via encryption where asymmetric cryptographic is applied to the data. On every folder of the locked files, a text file is added, which serves as the ransom note. The ransom note acknowledges the hack and demands a ransom (in Bitcoins) in return for data access and ransomware removal.
Because coming out from a Dharma attack is significantly complex, the cybercrime unit has recommended the use of mandatory safety measures. The department recommended:
- Backing files with regular intervals.
- Avoid indulging in irresponsible internet activities like clicking on any suspicious links. Additionally, links must be typed manually in the browser.
- Installing the latest anti-malware tools for effective ransomware removal.
In case the Dharma Ransomware still succeeds in entering a company’s network, the cybercrime department discourages the payment of ransom.
