The alleged Master Keys for the Dharma Ransomware has been released by someone on BleepingComputer.com forums.
A member using the online moniker ‘gektar‘ published a post containing a Pastebin link to a header file in C programming languages that supposedly contains the master decryption keys.
The post was created under the Dharma Ransomware Support Topic.
If the master keys are valid, victims of the Sharma Ransomware can decrypt their files without paying the ransom.
At the time I was writing the authenticity of the keys is still unconfirmed. Experts from Kaspersky are currently verifying them in order to include them in their decryptor tool.
The experts believe the key can be valid because recently the master keys for the Crysis ransomware were also released, and the Dharma ransomware is based on it.
“With that said, there is a good chance that the keys are valid. This is because the keys for Crysis, on which Dharma is based, were released in the same manner on our forums in the past. Using these keys Kaspersky was able to update their ransomware decryptor to help Crysis victims for free.” reported a blog post published on BleepingComputer.
It is still unclear if the person who posted the decryption keys is affiliated with the ransomware.
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(Security Affairs – Dharma Ransomware, malware)