Don’t give in to Ransomware
Ransomware’s are making a huge implication on people lives. More and more hackers are using ransomware to make money, some do it for fun and some do it to make money. You can never trust if you will get the decryption key even though you paid for it. Security researcher jadacyrus, has compiled a removable tool which will allow you to decrypt ransomware without paying.
You should never pay the ransom. This will only reinforce this type of attack. According to most security intelligence reports, criminal enterprises are already making large profits from ransomware.
I have compiled this kit to be used for security professionals and system administrators alike, in order to help streamline the process of responding to ransomware infections.
Some of the information in this kit is obsolete due to the rapidly evolving nature of ransomware. I will do my best to keep it up to date with the help of the malware community at large.
In case of infection:
- Remove the impacted system from the network
- Attempt to identify which variant of ransomware you are infected with.
- Before removing the threat, create a copy if possible for later analysis, which may be needed for decryption of files.
- If possible, use restore points or backups to return to a safe state after removing the threat.
- If you have identified the variant of ransomware and a decrypter tool is available for it in this kit, you can attempt to utilize it.
Currently the kit comes with following removable tools for specific ransomware’s and Cyrus promises to keep updating the tool.
Also always try to backup your document on a seperate hard drive which is not connected to anything, in case the tool doesn’t work, you have the option to reformat your drive while still keeping your important files. As Cyrus mentioned, you should never give in to ransomware.