Researchers at 411-spyware.com have recently detected a new ransomware infection Java Notdharma Ransomware and then has thoroughly analyzed it. The first thing our specialists have noticed is that it mimics Dharma Ransomware (you can read about it on your website), but there is no doubt that it has also been developed by cyber criminals to obtain money from users because it mercilessly locks files once it infiltrates users’ computers and then drops a .txt file containing a message for users. It does not demand a ransom, but we are 99% sure that you will be told to purchase the special decryption tool if you want to decrypt files after you contact cyber criminals behind this ransomware infection. Do not pay money to crooks because this might not change anything. Instead, you should remove the ransomware infection from your system completely because it might lock all new files you create if it stays. Users should also not forget that crypto-malware is not removed from their systems even if they pay money to crooks, get the decryptor, and use it to unlock those encrypted files.
Java Notdharma Ransomware mercilessly encrypts files on victims’ computers. It locks pictures, documents, videos, and many other files that belong to users right away after infiltrating their computers. If this infection is really the one that has locked files on your computer, you will see .java appended at the end of every file you cannot open. On top of that, you should be able to find a new .txt file on your Desktop. This file is called Decrypt Instructions.txt. It does not contain much. If you open it, you will find one sentence there: “All of your files are encrypted, to decrypt them write us to email: firstname.lastname@example.org.” You can contact cyber criminals if you want to, but we believe there is no point in doing that because you will be told to send money in exchange for the tool that can decrypt files. We are sure it will not be very cheap, and since there are no guarantees that you will get it after sending money, you should not purchase it. We do not think that you will find a free tool that you could decrypt affected files either. Actually, the chances are high that you could only restore your files if you have a backup.
All ransomware infections are distributed quite similarly, i.e. new malware distribution techniques have not been invented by cyber criminals yet, so it is very likely that Java Notdharma Ransomware will also be mainly distributed via spam emails. Ransomware infections usually travel as attachments, so it is enough for users to open malicious attachments to get infected with malware. Also, users might download malware from dubious websites themselves. Of course, they do not know about that. Last but not least, you might find a ransomware infection on your computer if you use an unsecured RDP. It might be an extremely difficult job to prevent malicious software from entering the system since the majority of threats are extremely sneaky and infiltrate computers unnoticed. Because of this, we highly recommend having security software enabled, especially if you surf the Internet every day and download programs off the Internet quite often. Of course, you should act more attentively too, for example, you should refrain yourself from clicking on suspicious links. Also, it is advisable to stay away from spam emails.
Java Notdharma Ransomware does not seem to be sophisticated malware, so, according to our specialists, you should be able to remove it from your computer by deleting all recently downloaded files – the most important thing is to delete its launcher, i.e. the malicious executable file that opens it. The removal of the ransomware infection can also be performed automatically, but you need to acquire an antimalware scanner first. We are not going to lie to you – the automated method is considerably quicker and easier if compared to the manual one. It should be emphasized that you will not unlock your files no matter how you delete the ransomware infection from your system.