Harma Ransomware

By GoldSparrow in Ransomware

The Harma Ransomware is a recently spotted file-encrypting Trojan. When inspected, this ransomware threat revealed to be a variant of the popular Dharma Ransomware.

The infection vector utilized by the authors of the Harma Ransomware is not yet confirmed. However, it is believed that the attackers may be using spam emails, fraudulent software updates and pirated media to spread their threat. Once the Harma Ransomware infiltrates a system successfully, it will scan it. The goal of this scan is to detect the files that it will later encrypt and locate them. Then, the Harma Ransomware would begin the encryption process. After undergoing the Harma Ransomware's encryption, the files will have their names altered. It is a signature move of ransomware threats which belong to the Dharma Ransomware family to apply a similar pattern when renaming data – the '.id-.[WSS911@tutanota.com].harma' extension will be added to the newly locked files. Then, the Harma Ransomware drops a ransom note. It is likely that this threat follows the pattern of other ransomware threats, which are variants of the Dharma Ransomware and names the note 'FILES ENCRYPTED.txt.' The attackers do not specify the sum they will demand. They only provide an email address where the victim is supposed to get in touch with them – WSS911@tutanota.com.

We would advise you to avoid all contact with regards to cyber crooks. They are not trustworthy individuals and will likely trick you into giving them money. A better way to deal with this situation is to download and install a reputable anti-virus tool, which would clear your computer.


is there any decryption method for the encrypted files by .harma Ransomware.

Unfortunately, there is no program available from anyone that is able to decrypt the files. However, SpyHunter can safely detect and remove Harma Ransomware and stop it from encrypting any additional files.

Related Posts


Most Viewed