VIRUS Ransomware

It appears that cyber crooks have not lost interest in creating more and more copies of the Dharma RansomwareThe Dharma Ransomware is certainly one of the most popular data-encrypting Trojans used by numerous cybercriminals as a basis for their ransomware threats. The newest variant of the Dharma Ransomware spotted by cybersecurity researchers is called the VIRUS Ransomware.

Propagation and Encryption

The propagation method used in the spreading of the VIRUS Ransomware has not been disclosed yet. Some researchers conjecture that the creators of the VIRUS Ransomware have used some of the most conventional methods for distributing threats of this type – spam emails that contain macro-laced attachments, fake application updates, and bogus pirated variants of popular software services. This is why the users are advised to be very wary when opening attached files from unknown sources, as well as avoid dealing with any pirated content. The VIRUS Ransomware was programmed to target a very long list of file types. The more data the threat is capable of locking, the more likely it is for the victim to consider giving in to the demands of the attackers. The VIRUS Ransomware applies an encryption algorithm to lock the targeted data. When the VIRUS Ransomware encrypts a file, it also alters its file name by adding a '.id-.[amandacerny89@aol.com]. VIRUS' extension at the end of it. Applying this pattern is a trademark for ransomware threats that belong to the Dharma Ransomware family.

The Ransom Note

When the encryption process is completed successfully, the VIRUS Ransomware drops two ransom notes called 'Info.hta' and 'FILES ENCRYPTED.txt.' There is no reference of a specific ransom fee, but the attackers make it clear that the victims have to get in touch with them if they want to receive further instructions on how to unlock their files. There is an email address disclosed as a means of communication – ‘amandacerny89@aol.com.'

It is never wise to contact cybercriminals like the individuals behind the VIRUS Ransomware. Needless to say, these individuals are not ones you can trust. They will lie through their teeth happily and promise to provide you with the decryption key you need but will likely never deliver on their promise. This scenario has played out countless times. This is why it is safer to trust an anti-virus software suite to remove the VIRUS Ransomware from your system and keep you and your files safe going forward.