Greek Cypriot police warn of new ransomware scam

A new virus called Dharma is infecting computers and servers by encrypting and locking files, which can be unlocked only through a Bitcoin payment, south Cyprus authorities have warned.

In the warning on Tuesday, Greek Cypriot police cybercrime unit warned users to take necessary precautions and to not pay should their computers be infiltrated.

Dharma, a new version of high-risk ransomware/cryptoware, is targeting the computers and servers of companies, offices, and other users through emails with misleading titles and through insecure websites.

Once the virus has infiltrated a computer or server, Dharma encrypts stored files through asymmetric cryptography, locking the computer’s or server’s contents.

A text document is placed in every folder containing compromised files, requesting that a Bitcoin payment is paid as ransom for the unlocking of the files.

As of yet there is no effective method or software for the restoration of infected files, the cybercrime department said.

As such, they have requested that the public takes the necessary precautions.

First, the cybercrime unit suggests that files be backed up regularly.

Users are also urged to refrain from opening links and downloading attachments sent from unknown sources, especially when the sender appears to be a service or company they are not aware of.

Users should also type URLs into their browsers themselves, instead of clicking on available links. Furthermore, users should make sure that their computer and other mobile devices are protected with up-to-date anti-virus programs, and that they are using an up-to-date version of their operating system.

In the event that a computer or server becomes infiltrated by Dharma, the cyber-crime department stresses that the ransom money should not paid out so as to discourage such illegal practices and to prevent the further spread of the phenomenon.

CM