BSC Ransomware

The BSC Ransomware is based on the Dharma Ransomware project, and it is likely to be distributed with the assistance of phishing emails that are meant to look as if they contain an important file attachment. The attached file is likely to come in a Microsoft Office format, and users who attempt to open it may be prompted to ‘Enable Macros’ in order to view protected content. However, this is a known trick that cybercriminals use to get users to authorize the execution of a harmful macro script that unpacks and executes a malicious payload – in this case, this is the BSC Ransomware.

Once the BSC Ransomware is launched, it may get to work and encrypt popular file types found on the victim’s computer – archives, images, videos, Microsoft Office documents, Adobe projects, etc. immediately. All files locked by the BSC Ransomware will have their names modified to include the ‘.id-.[basecrypt@aol.com].bsc’ extension. Also, the BSC Ransomware will leave a ransom note for the victim to read – it may often be found in the text document ‘FILES ENCRYPTED.txt’ that is on the desktop.

The attackers offer to provide their victims with a working decryptor, but they demand to receive a Bitcoin payment in return. The price of the ransom fee may vary, but users are likely to be asked to pay over $300 via Bitcoin in exchange for the decryption software. We advise against cooperating with the BSC Ransomware’s authors since they cannot be trusted, and trick you easily if you opt to send them the Bitcoin.

The recommended course of action when it comes to dealing with the BSC Ransomware or other file-lockers based on Dharma is to start the recovery process by using an anti-virus program to eliminate the harmful software. Unfortunately, this is not enough to recover the lost files, and victims of the BSC Ransomware will need to restore their files from a backup or look into alternative file recovery options.