What is Java ransomware
If your files have been encrypted, and .id-[your-id].[contact-email].java extension has been added to them, that was the work of the newest variant of Crysis (Dharma) ransomware. That ransomware takes advantage of unsecure RDP setups (a weak password usually) to enter the machine and encrypt all files that might be of any importance to the user/company (by targeting certain file types). Crysis ransmware uses strong encryption method, and so far security researches weren’t able to find vulnerabilities that would allow them to create a decrypter. However, two first versions of Crysis ransomware – .crysis and .dharma – had their master decryption keys anonymously posted on computer security forums, making it possible for antivirus vendors to create decryption tools. Of course, these tools will only work on files encrypted by those two ransomware variants, and won’t work on .java files. At the time of writing no free decrypter for .java ransomware exists, however you can use some other methods of recovering encrypted files.