What's new

Ransomware malware decryptor


Forum Guru
Feb 23, 2013
share ko lang ito, kasi na experience ko ito first time sa client namin na nainfect ng ransomware virus sa pc nya yung version 3 na cerber malware, so sad hindi na recover mga files kasi wala pang decryptor ang virus na ito. So meyron akong nakita na decryptor sa ibang ransomware virus baka sakaling maka tulong in the future.

thanks to kaspersky & Trendmicro

what is ransomware?
Ransomware is computer malware that installs covertly on a victim's computer, executes a cryptovirology attack that adversely affects it, and demands a ransom payment to restore it. Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, and display a message requesting payment to unlock it. More advanced malware encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them.[1] The ransomware may also encrypt the computer's Master File Table (MFT) or the entire hard drive.[2][3] Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files[4] since it is intractable to decrypt the files without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.

While initially popular in Russia, the use of ransomware scams has grown internationally;[5][6][7] in June 2013, security software vendor McAfee released data showing that it had collected over 250,000 unique samples of ransomware in the first quarter of 2013, more than double the number it had obtained in the first quarter of 2012.[8] Wide-ranging attacks involving encryption-based ransomware began to increase through Trojans such as CryptoLocker, which had procured an estimated US$3 million before it was taken down by authorities,[9] and CryptoWall, which was estimated by the US Federal Bureau of Investigation (FBI) to have accrued over $18m by June 2015.[10]

source: wikipedia

Some Ransomware attack demonstration

Troldesh ransomware
Crysis ransomware
cerber3 ransomware

Kaspersky Decryptor
Tools info

RakhniDecryptor tool is designed to decrypt files affected by Rakhni, Agent.iih, Aura, Autoit, Pletor, Rotor, Lamer, Lortok, Cryptokluchen, Democry, Bitman (TeslaCrypt) version 3 and 4, Chimera.

RannohDecryptor tool
is designed to decrypt files affected by Rannoh, AutoIt, Fury, Crybola, Cryakl, CryptXXX versions 1 and 2 (files encrypted by Trojan-Ransom.Win32.CryptXXX version 3 are detected, but not decrypted), Polyglot.

CoinVaultDecryptor tool is designed to decrypt files affected by CoinVault and Bitcryptor. The National High Tech Crime Unit (NHTCU) of the Netherlands’ police, Netherlands’ National Prosecutors & Kaspersky helped create this tool.

XoristDecryptor tool
is designed to decrypt files affected by Xorist and Vandev.

WildfireDecryptor tool
is designed to decrypt files affected by Wildfire.

ShadeDecryptor tool is designed to decrypt files affected by Shade version 1 and version 2.

trend Micro decryptor

Laging tandaan, Walang magaling na antivirus sa tangang user. ^_^

2jfxedj.png wag hit and run.gif


Last edited: