Ransomware Wiki

Dharma Ransomware Family Overview[]

The Dharma ransomware family is one of the most prominent computer threats that have been spawned in 2016. The Dharma Ransomware is efficient at extorting its victims. It follows its classic strategy of encrypting target user files and blackmailing the victims for a ransom sum payment.

It has spawned numerous strains and can usually be identified by the india.com domain of the contact email and ransomware extension. Usually the filename.(email).dharma formula is used. Some of the code of the Dharma ransomware indicates that it originates from the CrySiS ransomware family famous for some early 2016 attacks.

Depending on the strain a different ransom note can be shown to the victims.

Dharma Ransomware Family Distribution[]

The ransomware strains are usually distributed via spam email campaigns. In many of the cases the contents of the messages contain hyperlinks that lead to the dangerous payload. It can also be attached directly to the messages as archives or binary files.

Dharma Ransomware Family[]

Comprehensive removal instructions are available here.