Emsisoft has good news for users that were affected by WannaCryFake ransomware attacks. WannaCryFake ransomware victims can download a free decryptor.Developers have released a free tool that will help to return files encrypted by this malware.
“If you have been infected with this ransomware, please download the FREE decryption tool linked below and DO NOT PAY the ransom. A detailed guide is also included”, — report Emsisoft developers.
Unlike real crypto-mining exploits, ransomware is dependent on extortion to reap a reward. Ransomware attacks increased 118 percent in 2019, equaling 504 new threats per minute, in the first quarter, according to a McAfee report.
WannaCryFake is a variation of the notorious WannaCry ransomware designed for Microsoft computers in 2017. It blocks victims files using AES-256 or an advanced encryption standard.
The following extension is added to the affected files:
“The amount of the ransom depends on how quickly you email the attackers. However, we urge you not to mess with ransomware under any pretext”, — Emsisoft writes on the blog.
The note of the attackers contains two contacts for communication: the Telegram channel and e-mail. The victim must pay a ransom in bitcoins.
In the case of payment, the criminals promise to send back a tool for decrypting files. Before payment, you can send ransomware 5 files (the size should not exceed 4 MB), which will be decrypted for free to demonstrate that everything is “clean”.
Read also: Smominru botnet infected 90 thousand devices in just the last month
Once downloaded, the Emsisoft Decryptor uses the encrypted file and the original unencrypted version to piece together the keys needed to decrypt locked data. Because the protocol uses filename extensions to determine the encryption parameters, users are instructed not to rename their files.
Victims of this encryptor can download a free decryption tool from this link.
Emsisoft’s software allows users to keep a record of the decryption process by using the Save Log button.
User Review( votes)