What is a DHARMA File Type?
Dharma ransomware is a type of malware used by cybercriminals that encrypts files as a user. Once the ransom takes the files hostage, it forces the victim to pay the culprit to unlock the files. It can be introduced into the victim's computer through e-mails containing malicious links or attachments to files, websites hosting free files and Peer to Peer (P2P) networks.
When the ransomware runs on a user's computer, it encrypts files on the computer and adds the .dharma extension onto the names of the files. It also appends an [bitcoin143@india.com] or [worm01@india.com] email address with the extension. The types of files typically targeted include spreadsheets, documents, images, videos, and backup files, such as .DOCX, .PDF, .JPG, .AVI, and .DB files. For example, a spreadsheet.xlsx file becomes spreadsheet.xlsx.[bitcoin143@india.com].dharma or spreadsheet.xlsx.[worm01@india.com].dharma.
The virus generates a README.txt file in each folder that stores an encrypted file on the apos computer; user. The README.txt contains brief instructions explaining the hostile takeover of files from the user and how the user can recover his files by paying a ransom.
There is currently no program available to effectively restore infected files. If the user has a recent backup of his files, he can restore the system to remove the virus, but any changes made to the files after the backup will be lost.