Russian IT consultancy firm is scamming ransomware victims

It seems that The IT consultancy firm- Dr. shifro from Russian belonging is scamming Dharma/Crysis ransomware victims by promising them their help while trying to decrypt the encrypted files. This firm already helped around 300 ransomware victims.

Short description about Dharma/Crysis ransomware

Dharma/Crysis ransomware is in the news headlines now a day. It has been spread worldwide and affects numerous users’ computer and encrypts their stored files. Developers of this threat demand ransom fee from the victims from the victims who got affected by this threat for providing them a decryption key to get their files restored. However, there is thousands of reports are available that the unknown developers do not provide the decrpyter even after the payment is done.

Cybersecurity researchers’ analysis

, “The business model that Dr.Shifro has created is an attractive one that could easily be replicated by other entrepreneurial scam artists and serves as a new development of the ransomware industry that both individuals and organizations should be wary of.”

According to Cyber security researchers from check point, the company is generating the profit by using a simple trick: they pay ransom to the developers and then increase their price by 75%. The company adds up a thousand dollars to the initial ransom demands and managed to make $300,000 in few years.

Only method to retrieve the files, is it rumor?

It is fact that at the moment of writing there is no any decrypting tool is available for this threat. But at the same time the fact that, there is several IT services providers and individual cybersecurity experts offering the help of file recovery and data decryption to whom you can’t trust. The scammers have successfully increased their number of victims because the victims have no any option for their crucial files retrieval.