Alleged Master Keys for the Dharma Ransomware Leaked on BleepingComputer

Good news for the victims of the Dharma Ransomware, someone has released the alleged Master Keys on the forums.

The alleged Master Keys for the Dharma Ransomware has been released by someone on forums.

A member using the online moniker ‘gektar‘ published a post containing a Pastebin link to a header file in C programming languages that supposedly contains the master decryption keys.


The post was created under the Dharma Ransomware Support Topic.

If the master keys are valid, victims of the Sharma Ransomware can decrypt their files without paying the ransom.

At the time I was writing the authenticity of the keys is still unconfirmed. Experts from Kaspersky are currently verifying them in order to include them in their decryptor tool.

The experts believe the key can be valid because recently the master keys for the Crysis ransomware were also released, and the Dharma ransomware is based on it.

“With that said, there is a good chance that the keys are valid. This is because the keys for Crysis, on which Dharma is based, were released in the same manner on our forums in the past. Using these keys Kaspersky was able to update their ransomware decryptor to help Crysis victims for free.” reported a blog post published on BleepingComputer. 

It is still unclear if the person who posted the decryption keys is affiliated with the ransomware.

Stay Tuned!

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Dharma Ransomware, malware)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

TP-Link Archer C5400X gaming router is affected by a critical flaw

Researchers warn of a critical remote code execution vulnerability in TP-Link Archer C5400X gaming router.…

23 mins ago

Sav-Rx data breach impacted over 2.8 million individuals

Prescription service firm Sav-Rx disclosed a data breach that potentially impacted over 2.8 million people…

10 hours ago

The Impact of Remote Work and Cloud Migrations on Security Perimeters

Organizations had to re-examine the traditional business perimeter and migrate to cloud-based tools to support…

18 hours ago

New ATM Malware family emerged in the threat landscape

Experts warn of a new ATM malware family that is advertised in the cybercrime underground,…

19 hours ago

A high-severity vulnerability affects Cisco Firepower Management Center

Cisco addressed a SQL injection vulnerability in the web-based management interface of the Firepower Management…

24 hours ago

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

The Ukraine CERT-UA warns of a concerning increase in cyberattacks attributed to the financially-motivated threat…

2 days ago

This website uses cookies.