Hello guys, I have a client infected with that .jack version of Dharma ransomware. We have tried almost everything except payment. No Shadow copy, no file recovery as these are VMs with shared drive, free tools don't work, paid recovery data companies stated they cannot do anything. We don't have backup only from one server and we need only 3 files out of it. Should we consider payment to the bad actors? Do you reckon they can and will recover the files? Or no honour amongst thieves? Any advice is welcome!
Hello. This is one of the newer ransomware viruses.
There is no decryption tool available at this time, so the best you can do is remove the virus, do a backup of important files, re-install the system and hope for a decryption tool.
Some Dharma variants that still have no decryption tool made for them date back more than 1 year, so chances are slim and hope is fading away for a decryptor. Paying the thieves is a last resort, but we advise against it. You could be targeted again and get your computer systems infected again. Even if they contact you back, their decryption tool might not work.
As for criminals keeping their word - some of them do, some of them don't and some act according to their mood.
Very unfortunate, but unless there is a lot of money involved (business) we advise against paying.
If data recovery companies cannot help you, then currently there isn't really a way to get your files restored that way.