If the master keys are valid, victims of the Sharma Ransomware can decrypt their files without paying the ransom.
At the time I was writing the authenticity of the keys is still unconfirmed. Experts from Kaspersky are currently verifying them in order to include them in their decryptor tool.
The experts believe the key can be valid because recently the master keys for the Crysis ransomware were also released, and the Dharma ransomware is based on it.
“With that said, there is a good chance that the keys are valid. This is because the keys for Crysis, on which Dharma is based, were released in the same manner on our forums in the past. Using these keys Kaspersky was able to update their ransomware decryptor to help Crysis victims for free.” reported a blog post published on BleepingComputer.
It is still unclear if the person who posted the decryption keys is affiliated with the ransomware.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.