Remove Dharma Virus — Restore .brrr Files

LIGMA image ransomware note .brrr  extension

The .brrr Dharma virus samples are a recent campaign delivering a new iteration of this ransomware family. According to the security analysis they use the same behavior pattern the previous versions. Our article provides an overview of the virus operations and gives victims instructions on effectively recovering their systems.

Threat Summary

NameDharma virus
TypeRansomware, Cryptovirus
Short DescriptionThe ransomware encrypts sensitive information on your computer system with the .brrr extension and demands a ransom to be paid to allegedly recover them.
SymptomsThe ransomware will encrypt your files with a strong encryption algorithm.
Distribution MethodSpam Emails, Email Attachments
Detection Tool See If Your System Has Been Affected by Dharma virus

Malware Removal Tool

User ExperienceJoin Our Forum to Discuss Dharma virus.Data Recovery ToolWindows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

Dharma Virus – Distribution Ways

A new Dharma virus sample has been detected bearing the .brrr extension which signals that a new customization of the already existing samples has been made. It is possible that the new iteration is controlled by a criminal collective sending out Dharma ransomware family samples in the past or an entirely different group or individual hacker. We suspect that the ongoing campaign will make use of the already existing distribution tactics.

The criminals can coordinate the delivery of phishing email messages. They are created in order to manipulate the users into thinking that they have received a notification message from an Internet service that they use. The phishing messages can be disguised as password reset reminders, software updates, additional information requests (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | authored by Martin Beltov. Read the original post at: