.ADOBE File Extension
Dharma Ransomware Encrypted File
2.7 | 6 Votes
What is an ADOBE file?
A file with an .ADOBE extension has been encrypted by Dharma ransomware, a type of malware utilized by cybercriminals. It is not associated with the software company Adobe, Inc.
Dharma ransomware renames standard files, such as .MP4, .DOCX, and .PDF files with a ".ADOBE" extension. The files are encrypted with AES and RSA ciphers so it is not possible to open the files by simply changing the file extension.
The purpose of ransomware is to take your files hostage and force you to pay the perpetrator, often through bitcoin, to unlock your files. It may be introduced to your computer through an executable file disguised as another type of file. This may be an email attachment, a file downloaded from a website, or a file included in a software installer.
Once the executable file is run, it begins scrambling your files, renaming them with the .adobe extension, and encrypting them. The virus then generates a .TXT ransom note (FILES ENCRYPTED.txt or _openme.txt) informing you of the takeover and what you need to do to recover your files.
The virus renames your files using the following naming convention:
For example, if you have a sample.pdf file it may become sample.pdf.id-HDNFH438.[[email protected]].adobe.
NOTE: ADOBE files became prevalent in late 2018 and early 2019 and are similar to .LOCKY and .WALLET files.
How to open an ADOBE file
No known program can restore ADOBE files to their original state. The best way to recover your files is to retrieve them from a recent backup or perform a System Restore to a point before your computer was infected.
FileInfo.com recommends you never pay a ransom to decrypt files encrypted by ransomware. Paying a ransom encourages ransomware distributors to continue their efforts, and there is no guarantee that paying a ransom will give you access to your files. Instead, you should restore your data from a recent backup created before the ransomware infected your computer.