Takze napadol ma crypto virus .ADOBE Dharma - je to ransomware, prepisuje vsetky subory na priponu .ADOBE vid obrazok
Prakticky neexistuje na to zatial ziaden desifrator - decrypter. Jedine zaplatit hekerovi a dufat, ze Ti to vie opravit a opravi...
Vacsinou Vas napadne cez RDP alebo kliknuie na daky odkaz/email.
Toto je stranka kde o tom pisu, ze .ADOBE sa vyskytol zaciatkom Novembra tohto roku atd. Viac info tu:
https://www.bleepingcomputer.com/forums ... ansomware/
SPRAVA OD HEKERA PRE MNA:Any files that are encrypted with Dharma (CrySiS) Ransomware will have an <id>-<id with 8 random hexadecimal characters>.[<email>] followed by the .dharma, .wallet, .onion, .zzzzz, .cezar, .cesar, .arena, .cobra, .java, .write, .arrow, .bip, .combo, .cmb, .brrr, .gamma, .monro, .bkp, .btc, .bgtx, .boost, .waifu, .funny, .betta, vanss, .like, .gdb, .xxxxx, .lock, .adobe, .AUDIT, .cccmn, .tron, .back, .Bear or .fire extension appended to the end of the encrypted data filename.
You can submit (upload) samples of encrypted files, ransom notes and any contact email addresses or hyperlinks provided by the cyber-criminals to ID Ransomware (IDR) for assistance with identification and confirmation of the infection.
Only the earlier .dharma, .wallet, .onion variants of Dharma (CrySiS) are decryptable. Unfortunately, there is no known method to decrypt files encrypted by the newer variants of Dharma (CrySiS) without paying the ransom and obtaining the private RSA keys from the criminals...including the .adobe variant.
"Hello! Please write your ID. You can find it in files names(sample: id-56GC70DO).
Your files were encrypted. We can help unlock your files but you must pay for it in Bitcoins.
The cost for decryption during next 48 hours: 1,8 BTC.
our Bitcoin wallet: 13MMfKzq4LdFidWnAL2wfhp9KgKV9Fwdsj
After payment please write to us transaction ID!
Proof that we can decrypt your files:
you can send to us 1-3 files with simple extensions(jpg,xls,doc...) and low sizes(1 mb).
Files should not have the same extensions. One extesion - one file.
We will decrypt them and send files back to you. "