back to article If it sounds too good to be true, it most likely is: Nobody can decrypt the Dharma ransomware

A data recovery company is dubiously claiming it has cracked decryption of Dharma ransomware – despite there being no known method of unscrambling its files. Infosec researcher Brett Callow of Emsisoft had a little fun trying to replicate Emsisoft's exposure of ransomware middleman company Red Mosquito Data Recovery earlier …

  1. John Robson Silver badge

    "Negotiating with the ransomware author"

    AKA: Is a nice alias for the ransomware author...

    1. tmTM

      Re: "Negotiating with the ransomware author"

      An interesting business mode.

      Infect lots of people with ransomware

      Setup a company offering decryption of (your own) ransomware

      Earn money as direct bank transfers from companies instead of Bitcoin

    2. Michael Wojcik Silver badge

      Re: "Negotiating with the ransomware author"

      They may be, or be affiliated with, the ransomware author; or they may be an independent third party. Both are viable business models. The former offers greater profit, but requires more work and entails greater risk. The latter has a much lower cost of entry.

  2. Anonymous Coward
    Anonymous Coward

    Surely decryption is possible...

    ....however someone would have to go through the data to identify which decypted data set is the same as the unencrypted data. So yes decryption is possible but will take a very very long time and then yet even more time for someone to identifying the unencrypted data.

    So not impossible just very very very time consuming

    I would be interested to know who is willing to pay billions for the technology though, perhaps the mobile storage companies given that the decrpyted set it likely to be larger than all the data used anywhere in computing to date

    1. Anonymous Coward
      Anonymous Coward

      Re: Surely decryption is possible...

      "So not impossible just very very very time consuming"

      You're missing about 10^24 copies of the word "very" there. I don't know how you define impossible, but I'd say that "not possible before the sun goes supernova" is, for all intents and purposes, a good definition.

      1. A.P. Veening Silver badge

        Re: Surely decryption is possible...

        "not possible before the sun goes supernova" is, for all intents and purposes, a good definition.

        As the sun lacks the mass to go supernova, that is an excellent definition.

        1. Tomato42
          Boffin

          Re: Surely decryption is possible...

          oh, but the Sun can collide with a more massive star, merge, and then go supernova!

          so technically, there is a chance for it happening

          1. CrazyOldCatMan Silver badge

            Re: Surely decryption is possible...

            merge, and then go supernova!

            Or, when the black holes spawned at CERN combine, suck in the sun which then goes..

            Oh - hang on..

            1. Hans 1
              Happy

              Re: Surely decryption is possible...

              Well, you'd be "somewhat" over-estimating the resources CERN have at their disposal.

              1. theblackhand
                Holmes

                Re: Surely decryption is possible...

                Well, you'd be "somewhat" UNDER-estimating CERNs desire to destroy the world by wanting to make black holes*. OK, it's technically not a supernova but maybe they've been too scared to go public with their plans for bombarding the sun with enough mass to make it go supernova.

                And CERN haven't denied it...

                * I read it in the tabloids....it must be true...

                1. DropBear

                  Re: Surely decryption is possible...

                  *I'm too tired for this shit* okay, listen: if the SUN would be replaced by a black hole with an equal mass, do you know what would change over here on Earth...? Nothing. Well, save for a major problem for the solar generator plants soon followed by all kinds of related major problems for everybody else. In the same vein, it really wouldn't make any damn difference if we somehow managed to suck all of Earth's matter into a black hole the size of a pea - the rest of the solar system wouldn't give no shits whatsoever, least of all the Sun.

    2. Ragarath

      Re: Surely decryption is possible...

      They mean the technology that can do the decryption in a reasonable amount of time and that could be done for a measly $175 charge.

      As in there is a f'ton of processing going on really quickly without burning the world down or making it short of several nuclear power plants worth of electricity kinda billions worth.

      1. MJB7

        Re: Surely decryption is possible...

        It's not a matter of "several nuclear power plants worth of electricity", it's a matter of "several galaxy clusters worth of electricity" (ie, turning the rest mass of several galaxy clusters into electricity, and use that).

        Decent asymmetric encryption is *really* hard to break.

    3. Hans Neeson-Bumpsadese Silver badge

      Re: Surely decryption is possible...

      I guess it's a case of identifying when the manpower costs for doing the decryption exceed the cost of just paying off the miscreants that encrypted the data in the first place

      1. AMBxx Silver badge
        Joke

        Re: Surely decryption is possible...

        Nah. I saw John Trovolta do it in Swordfish - you just have to type really, really fast.

        1. Pascal Monett Silver badge

          Wasn't Travolta, it was Wolverine - but without the bushy sideburns.

          That said, Swordfish was great entertainment.

          1. chuBb.

            not as good as hackers for sheer lolz

    4. Roland6 Silver badge

      Re: Surely decryption is possible...

      Its probably quicker to search the entire web, as given recent (in)security events, the ransomware dev's key is probably out there on an unprotected server.

      1. VikiAi
        Go

        Re: Surely decryption is possible...

        Heck! All your lost data is probably out there on an unprotected server!

  3. Anonymous Coward
    Anonymous Coward

    Can someone explain.....

    Suppose you have daily backups.

    *

    And suppose a ransomware disaster hits.

    *

    Can someone explain why a restore won't result in the loss of less than 24 hours data? I must be missing something here.

    1. Dexter

      Re: Can someone explain.....

      You are missing that most people never seem to back up anything at all

    2. John Robson Silver badge

      Re: Can someone explain.....

      Your backups were online and got encrypted as well...

      Most people don't have tape libraries which can keep backups offline and automatically load the tape when needed - so we have to rely on online backups, or infrequent ones...

      1. itzman

        Re: Can someone explain.....

        'Offline' is a moveable feast.

        Backup is a copy . Where it is and how connected it is are very variable things.

        I do auto backup. If my data were corrupted the backup would be, if I didn't notice for 24 hours.

        But I am protecting against hardware failure, not malware.

        If I were concerned about that, I would do a check on file/backup and if the difference were massive abort and notify.

        I don't consider that this particular malware is a serious threat on Linux.

    3. Captain Scarlet Silver badge

      Re: Can someone explain.....

      Possibly its when they find out their backups havent been working for months as the person who changed the tapes was outsourced.

      1. CrazyOldCatMan Silver badge

        Re: Can someone explain.....

        person who changed the tapes was outsourced

        Or used the same 3 tapes[1] ad-infinitum, had tape error warnings turned off and never actually bothered to do a test restore.

        Sadly a true case.

        [1] Said tapes eventually more resembled bits of clear sellotape without the sticky bits. The only bits that still worked were the last bit of the tape that didn't actually get used.

        1. TomPhan

          Re: Can someone explain.....

          Better still is when the data grows large enough to require two tapes for the entire system - so they put the first one in, let the process run, come back and see that the tape has been ejected and there's a message on the screen saying to insert a tape to continue... Decades ago, so no idea on the wording, but it was ambiguous enough that for a lot of the time both parts went onto the first tape.

      2. JohnG

        Re: Can someone explain.....

        "Possibly its when they find out their backups havent been working for months as the person who changed the tapes was outsourced."

        In the case of backup run at a manufacturing site of a very large pharmaceutical, operations were switched to office hours only and the cleaner was apparently supposed to swap tapes in the backup device. The operator had failed to check and change the tapes during the day, so the cleaner had been swapping the same two tapes for months, overwriting all the previous backups. A whole load of really important data was lost after a disk failure, so the company sacked the cleaner.

        1. Killfalcon Silver badge
          Thumb Down

          Re: Can someone explain.....

          Firing the cleaner is just so petty and vindictive I almost reflexively down-voted you for telling me it happened. Jeez.

        2. I'm Brian and so's my wife

          Re: Can someone explain.....

          That is absolutely disgraceful!

      3. TomPhan

        Re: Can someone explain.....

        You need to do the back-ups when nobody is on the system, so that's going to be the middle of the night, so why not let the security staff do it as part of their rounds. That was the logic used by one of our clients.

    4. Mage Silver badge

      Re: Can someone explain.....

      There is also time delayed encryption.

      The data is encrypted and unlocked on the fly, then not, so the recent backup can be encrypted.

      But as others point out most small companies and some big ones regard backups as an avoidable hassle of time and money.

    5. steviebuk Silver badge

      Re: Can someone explain.....

      Because unless you have ransomware protection on your backups, there is a high chance the ransomware will have also encrypted your backups.

    6. 9Rune5

      Re: Can someone explain.....

      Many companies wouldn't even detect the problem until quite some time has passed.

    7. Aussie Doc
      Holmes

      Re: Can someone explain.....

      "Suppose you have daily backups."

      Ah, now there is where I think lies the heart of the issue.

    8. phuzz Silver badge

      Re: Can someone explain.....

      Even if you are doing regular backups, in a lot of cases the backup medium will either be a USB disk that is left plugged in, or some kind of network storage.

      In both cases any malware that gets root access will have access to this storage, and may well try to encrypt the backups, and any other storage it can get access to.

      So to avoid this you either have to physically unplug your backup disk (and hopefully store it in a fire safe or offsite), or perhaps have your network storage move completed backups to a separate area that the infected machine doesn't have access to.

      1. DropBear

        Re: Can someone explain.....

        Network storage is not necessarily corruptible. I just had a (definitely-not-)quick and (definitely-not-)fun little romp trying to set up a "write-only" network share - you can write to it as long as you wish or until it runs out of free space, but (short of compromising that machine too) you can never alter anything already written...

  4. Danny 14

    Because the backups were encrypted too? Not everyone is backing up at a hypervisor level, smaller companies might still be running a single physical server with cloud email (for example) so whilst their emails are safe their onsite system is hosed.

  5. stiine Silver badge
    Meh

    Who knows. Perhaps dharma's authors took one shortcut that they've discovered?

    1. Michael Wojcik Silver badge

      Yes, and perhaps they've captured a Magic Decryption Fairy.

      Many people have looked at Dharma. Even people who can write competent English prose, which apparently is a skill not available at Fast Data Recovery. (What are they doing with the profits from their many successful recovery cases?)

      It is much, much more likely that this is simply another iteration of the ransomware middleman scam.

  6. chivo243 Silver badge

    Sign me up!

    "Our Priority Evaluation service cost[s] $350AUD for most for most type of infections with the exception to [sic] Dharma and Gandcrab infections."

    Soooo, I can roll up at an infected client, have a look at a few files and say "Yep, you got it!" and collect my fee?!

    Sign me up!

    That whole reply email oozes snake oil and was written by a shrewd BOFH

    1. This post has been deleted by its author

      1. quxinot

        Re: Sign me up!

        A true BOFH would collect the fee first, then cause the infection.

        Fixed.

    2. Anonymous Coward
      Anonymous Coward

      Re: Sign me up!

      Given that the exceptions carried a lower charge than the base case, why would you do that? ;)

  7. Anonymous Coward
    Anonymous Coward

    Win Win Situation

    If their claims aren't legitimate, I'm sure the government will be interested.

    If their claims are legitimate, I'm sure the government will be interested.

  8. veti Silver badge

    Really?

    "The highest number ever factorized [...] is 21".

    That seems a bit underwhelming, even for a quantum-computing claim. My six-year-old knows her seven-times-table too.

    1. Michael Wojcik Silver badge

      Re: Really?

      Physical implementations of General Quantum Computing machines have so far been a bit underwhelming. They may remain so for quite a while yet, though it's always possible we'll see significant improvements.

      To the best of my knowledge, 21 is the largest integer yet factored1 using an implementation of Shor's algorithm on a true GQC machine with a program to factor arbitrary integers.

      There have been larger numbers factored using Shor's and GQC, at least as great as 4088459, but those are integers of special form, where the factors differ by only a few bits.

      There have been larger numbers factored using adiabatic quantum computing (AQC), as implemented by e.g. the D-Wave machine; but AQC has limited application and it's not clear that it offers any real advantage over classical computing, at least for most applications. I mean, if you want to predict how your spin glass will anneal, it could be pretty handy, but you're not using it to break someone's ECCDH key.

      In any case, none of these demonstrations is about doing a better job of factoring a number than your six-year-old does. It's about showing that these very preliminary GQC and AQC machines can in fact be used to implement certain algorithms, even if only for trivial inputs.

      1"factorized"? Ugh.

  9. Anonymous Coward
    Anonymous Coward

    Easy to test

    Ask them to decrypt one of the files as proof. Or submit files that had the encryption substituted for /dev/random output and if they claim there's a high likelihood of recovering those files, you know they are full of it!

  10. 89724102172714182892114I7551670349743096734346773478647892349863592355648544996312855148587659264921

    Now if Google's Quantum "Revolution" could do more than generate random numbers...

  11. Anonymous Coward
    Anonymous Coward

    Risky

    What's to stop the scammers from upping their 'release' price after a company has quoted?

    $175!

    How about $575?

    Sorry sir, here's your money back, no data....

    1. khjohansen

      Re: Risky

      Hmmm .. I guess there's an unhealthy symbiosis. The scammers get a half-legit (and steady-ish) revenue stream, the companies get their cut. And the customers get to deal with a more reliable partner...

    2. GrapeBunch
      Meh

      Re: Risky

      That's too easy. Would never happen.

  12. Anonymous Coward
    Anonymous Coward

    Obvious bollocks is obvious

    "they have tools and computing power beyond that of the NSA"

    Tools, I'm ready to kind of believe. After all, it did happen in the past a single individual proved to be better than whole organizations ...

    But computing power ??? WTF ? They'd have to have billions in funding !

    "We utilise our resources to reverse engineer the ransomware decryption key on your sample files."

    This proves they don't understand cryptography. You technically don't reverse engineer it, as they info is nowhere in the code of the malware, unless the authors have been *really* stupid. You *discover* the key by whatever cryptanalysis method (brute force, good luck ! or anything else).

    This is pure scam, only by wording ...

    1. MJB7
      Boffin

      Re: Obvious bollocks is obvious

      It's definitely a scam of course, but I don't think technically bogus wording proves it.

      In most companies, there will be technical experts who can actually do something, and then there will be marketing communications specialists who will be responsible for writing the emails that get sent to real users.

      After a couple of days of the technical expert trying to explain what is going on to the marketing communications specialist (broken up by a few hours of them restfully banging their head against a brick wall), this is the sort of nonsense that will result.

      1. Pascal Monett Silver badge

        It's not just the bogus wording

        1) Their website is not good. They claim to have international clients, and only show three logos, none of which point to a testimonial from the website of the company in question. Oh, and they use the same guy on the two pics that show people - looks like they don't have all that many techs available.

        2) They brag, that's not professional.

        3) They tout a 100% success rate in "decrypting, analyzing and preventing ransomware attacks", which is simply ludicrously impossible.

        4) Their testimonials are badly written, with the same kinds of mistakes across several "different" entries.

        I look at that website and the wording itself screams "scam!" at me.

        1. David Neil
          FAIL

          Re: It's not just the bogus wording

          They can't even spell New Zealand

          1. Anonymous Coward
            Anonymous Coward

            Re: It's not just the bogus wording

            Did they have too many 'A's in Baaaaaaaaaaa?

        2. ICL1900-G3

          Re: It's not just the bogus wording

          01273 is Brighton, hardly toll free!

    2. DropBear

      Re: Obvious bollocks is obvious

      "But computing power ??? WTF ?"

      You don't understand. They've bought over a dozen Raspberry Pis...!

  13. JimmyPage Silver badge
    Unhappy

    It's sad that we can't get such "perfect" software

    on the side of the angels instead.

    Whoever wrote Dharma should have applied their talents to the tsunami of shit software doing the rounds in UK government circles, for a start.

  14. Anonymous Coward
    Anonymous Coward

    Rakhni Decryptor is designed to decrypt files encrypted by Dharma Ransom.

    So the "No More Ransom Project" is also claiming they can decrypt Dharma...

    1. Pascal Monett Silver badge

      Re: Rakhni Decryptor is designed to decrypt files encrypted by Dharma Ransom.

      Well, they do specify that the tool was made by Kaspersky Labs.

      1. Kiwi
        Boffin

        Re: Rakhni Decryptor is designed to decrypt files encrypted by Dharma Ransom.

        Quick look on Kaspy - yes, they have a such a tool. On the site you linked - they mention that a specific file contains an encrypted (or encoded) password file which contains the user's decryption key. From the sounds of the description either this is encrypted using a weaker method OR the malware writer's decryption key has been released somewhere.

        Would love to get a copy of Dharma and slap a 7 (or XP) install on some spare hardware (would try a VM but I mostly keep my VM's on my working machines and wouldn't want a 'leak' accidentally!) and have at it. I can readily furnish a few thousand image and doc files to give it a good run.

        IME, if Kaspersky says they can recover the files then I'm pretty sure they can, and in this case it's not the shop working with the malware writers but using freebie Kaspersky tools at a premium. Same as the people who used to use Dogbert's free laptop password recovery tools (and yes, having used those many times myself, quite convinced they work)

        ISTR some years back there was another ransomware variant that created a file on disk that contained the decryption key, which was then uploaded to the writer - of course said file could be recovered by file recovery tools as it wasn't over-written (or was poorly overwritten). But that was some years back and I have other work I need to do

  15. Andy The Hat Silver badge

    What is wrong with this picture?

    They are simply outsourcing the decryption to a third party. Ok so they are low-lifes, and the third party just happens to be an organised crime syndicate, but in essence it's no different to the loads of scumbag companies profiteering from 'PPI', "Injury claims" etc when individuals can do the job themselves for much less money ... In fact the first three or four Gargle hits offer exactly the same services. I believe that's what they lovingly encourage as "Good Capitalism" and I'm sure the Orange Hair Monster or his mad British cousin would shake their hand.

    The fact the the original perpetrators are still out there and able to actively conduct significant financial 'business' apparently without risk of being caught and issued with a free orange jump-suit I find exceptionally worrying.

  16. Anonymous Coward
    Anonymous Coward

    Parting more suckers from their money

    Yes they're charlatans, but I have zero sympathy for anyone affected any more than I have for someone who leaves their front door open all day then gets burgled. If the message about always making multiple backups - preferably to read only media occasionally - hasn't got through by now then the victims are actually victims of their own stupidity and hence darwinism in the computer enviroment.

    1. JimmyPage Silver badge
      Mushroom

      Re: Parting more suckers from their money

      Downvoted, as I really don't like the "they were asking for it" excuse that lets scumbags off the hook.

      How about women, wearing "provocative" clothing ? Their fault for being raped was it ?

      1. Anonymous Coward
        Anonymous Coward

        Re: Parting more suckers from their money

        "How about women, wearing "provocative" clothing ? Their fault for being raped was it ?"

        Seriously? You're using that as an analogy? You nauseating individual.

        1. Prst. V.Jeltz Silver badge

          Re: Parting more suckers from their money

          i dont see the problem with the analogy. Both are crimes where the victim is often blamed.

    2. Prst. V.Jeltz Silver badge

      Re: Parting more suckers from their money

      If the message about always making multiple backups - preferably to read only media occasionally - hasn't got through by now then the victims are actually victims of their own stupidity

      I got news for you it hasnt.

      this isnt the 90's ,no one uses "read only media" DVD simply aint big enough.

      Most muggles use facebook as their photo depository.

      the more less mugly may use drop box

      The clever ones may have a few USB sticks

      The advanced have a NAS(s)

  17. LucreLout

    I've had an awful epiphany

    Ransomware is mostly possible because of lax IT practices, which despite all the warnings have simply gone unheeded. I have come to the conclusion that this is in large part to the option to back-out of the mess by paying the ransom. The only way this ends is with the removal of that option and a wave of malware that does the encryption but doesn't retain the keys. Total data loss resulting in organisational failure and mass sackings top down is the only way to turn the situation around.

    I sincerely hope that doesn't happen, and 'we' soldier on trying to get patching done and paying up where it isn't, as there's simply no way of knowing what data would be lost (other than near on every bit of it in the NHS). Some suicide hacker or an anarchist/terrorist type is inevitably going to go for this, either that or it'll happen by accident as some cowboy stuff up key retention for their ransomware.

  18. DrXym

    I can unlock it no problem

    Just give me the ransom price + 15% commission and I'll have your files unlocked in a jiffy.

  19. Anonymous Coward
    Anonymous Coward

    There's one obvious way they can decrypt

    That's if they're actually the authors and thus hold the key required.

    1. Anonymous Coward
      Anonymous Coward

      Re: There's one obvious way they can decrypt

      If they were the authors, they could have made a lot more money writing decent antivirus software for a start.

      And decent encryption suites for a second.

  20. ChrisC Silver badge
    Coat

    Dharma encryption, eh...

    ...wonder if anyone's tried 4815162342 as a backdoor code.

  21. Anonymous Coward
    Anonymous Coward

    Dr Shifro ?

    Dr Shifty more like.

  22. Prst. V.Jeltz Silver badge
    Coat

    21?

    I can factorise 21 ...

    3 and 7

    FTFY

  23. Vivid Professional

    I really want to test them out with an ecrypted file, perhaps a word document that details an FBI investigation into the said company, see what response we get?

  24. keb

    Has anyone with suitable resources (e.g. FBI) tried paying the bitcoin ransom and tracing the money?

    1. Charles 9

      It can be difficult to trace transactions made using e-Coins, particularly if the transactions pass through hostile countries along the way.

      1. Anonymous Coward
        Anonymous Coward

        It's frequently not as hard as it looks to trace bitcoin. Someone has to take the money out at some point, and all previous transactions are available for as long as bitcoin keeps working. See "Silk Road" and other such things if a large government gets really interested in where the money went.

  25. Boy Quiet

    As an old man of computing, first program 1969, and thought networks were pointless, my comments are probably not worth much but here goes anyway.

    If you Data is not on media you own, it’s not your data anymore. If you keep your backups online (powered up and attached to the machine) they are not backups. Every few years as the price point comes down buy larger disks, copy your data, and put the old disk in the equivalent of your socks draw.

    You will loose data , just not all of it.

    1. Kiwi
      Pint

      If you Data is not on media you own, it’s not your data anymore.

      True.. But I encrypt the folders that I share with Dropbox, Mega and Box (except a few that I wish to have publicly available). That way, they can look at all they want they still not gonna see anything unless the encryption is broken.

      If your data is as local as you can have it, but you run W10, then it's not your data either and MS can ship it off at a whim for a looksee if you're online, at least with the home versions (read the EULA if you doubt me!)

      If you keep your backups online (powered up and attached to the machine) they are not backups. Every few years as the price point comes down buy larger disks, copy your data, and put the old disk in the equivalent of your socks draw.

      Owncloud, Box, Mega and many other cloud servers provide for retrieving older versions of files (at least so long as you haven't cleaned out the old versions cache!). As you say, keeping them online is a risk but at least with the ability to get older versions, there's a good chance a good copy is still around.

      (I have old disks going back at least as far as 2002 - not sure if they'll still work).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like