https://heimdalsecurity.com/blog/security-alert-dharma-ransomware-undetected-antivirus-engines/
blog article
SECURITY ALERT: NEW DHARMA RANSOMWARE STRAINS ALARMINGLY GO UNDETECTED BY ANTIVIRUS ENGINES
Dharma ransomware is one of the oldest ransomware families in existence, and yet it still wreaks havoc, undetected by security solutions. October and November saw the appearance of at least four new strains. We discovered one that goes undetected by almost all the antivirus engines on the market.

If this trend continues, users who rely on antivirus alone for ransomware protection will be at risk of losing their data forever – there is no free decryption tool for the new Dharma (CrySiS) ransomware strains.

This month, security researcher Jakub Kroustek found a few new Dharma ransomware strains which encrypted the victim’s files with a “.betta” or “.xxxxx” extension. They asked for the ransom to be paid to either the “backtonormal@foxmail.com” or the “syndicateXXX@aol.com” email address. Even though Jakub Kroustek posted his findings about the @foxmail ransom on October 19, at the time we wrote about the strain we uncovered (November 7), only 44 out of 67 antivirus engines detect the malicious file he uncovered, as you can see on VirusTotal.