Dkey Ransomware is Another Dharma Clone
Dkey ransomware is a newly discovered ransomware variant that belongs to the Dharma family of ransomware clones.
Dkey encrypts almost every file on the system and then asks for the ransom payment. Affected file extensions include document files, media files, archives and databases as well as executables that are not essential to Windows.
Encrypted files receive a multi-string new extension that consists of the victim ID code, the email used by the ransomware author and the ".dkey" extension.
Once Dkey finished encrypting files, it drops its ransom demands inside a file called "FILES ENCRYPTED.txt" and displays a pop-up window. The longer version of the ransom note is contained in the pop-up and goes as follows:
YOUR FILES ARE ENCRYPTED
Don't worry,you can return all your files!
If you want to restore them, follow this link:email Daniel22key at aol dot com YOUR ID -
If you have not been answered via the link within 12 hours, write to us by e-mail:Daniel22key at cock dot li
Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.