White Phoenix decryptor receives an upgrade with the online version. CyberArk, the developer, created a convenient web interface – a big step up from the published source code, as it was previously. The decryptor offers to recover the files ciphered by ransomware that uses intermittent encryption.
CyberArk Publishes Online White Phoenix Decryptor
On January 31, 2024, CyberArk announced the release of a web interface for their White Phoenix decryptor. The highly demanded tool now possesses a user-friendly interface, and no need to install or even compile the program, as it used to be earlier. However, this comes with certain limitations and drawbacks.
Online version allows the user to start decrypting the files in just a few clicks, but it cannot accept files over 10 MB size. Obviously, handling even this size may take some time, as the decryption process is never a fast one. Additionally, the devs ask to avoid uploading files that can contain sensitive information – simply to discard any issues that may be related to such a data type. But either way, it is much more positive than negative, as it opens the data recovery possibilities for a much bigger number of ransomware victims.
What is White Phoenix Decryptor?
White Phoenix is a free file decryptor, originally released by CyberArk back in summer 2023. It exploits weaknesses of the intermittent encryption approach, and allows for deciphering a wide range of files. Among the ransomware families that use such an encryption mode the devs name Play, Qilin, BianLian, BlackCat/ALPHV and DarkBit. Not all file formats are supported as well – only PDF, Word Documents, Excel Documents, PowerPoint Documents, Zip Files are available. This is caused by the way these files work, which makes the recovery process possible.
Initially, the developer offered the decryptor’s source code oh GitHub, not the ready-to-use app. To make use of the development, one needed to compile from this code, which is not an easy task. But even though the online version is now available, it will barely lose popularity: there are a lot of cases when the offline decryptor version will be handy. Aside from the sensitive data, the files may be just large – an often case with corporate documents in PDF/docx format.
The Month Of Ransomware Decryption
We witness the third ransomware decryptor to pop up within January 2024. First, there was a decryptor for Black Basta ransomware; shortly after, Avast released the decryptor for Tortilla (Babuk). Sure, the online version of White Phoenix is rather an extended functionality than the new decryption tool, but the very fact of such an update says a lot. Moreover, the latest trends confirm this – victims simply refuse to pay for ransomware decryption, opting for a different way to get the files back.
Anywhose, a much better option is to avoid ransomware infections at all. By staying away from shady sites, email messages from unknown sources and cracked applications, you decrease the chance of facing any malware, not just ransomware. Add a powerful anti-malware software, like GridinSoft Anti-Malware, on top of this, and you’d have your system secured from the vast majority of threats.