Emsisoft has released a free decryption tool for the BTC-demanding ransomware WannaCryFake. In a blog post announcing the tool, the cybersecurity company assured its users that it will help them recover their files without the risk of permanent data loss.
WannaCryFake is a variant of the WannaCry ransomware that terrorized Windows users in 2017. To encrypt a victim’s files, it uses AES-256 encryption. Once the ransomware infects a host computer, the attackers send a note informing the owner that their files have been encrypted.
Part of the note states, “All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail [email protected]”
It then goes on to demand that the victim pays the attackers in BTC in order for the files to be decrypted. The size of the ransom depends on how fast you email them. The attackers even offer to decrypt up to five files for the victims for free as guarantee.
The attackers also include some instructions on how the victim can buy BTC, including a link to LocalBitcoins and another link to an article on how to buy BTC.
As with all the other ransomware attacks, the ransom note includes an explicit warning against attempting to decrypt the files. “Do not try to decrypt your data using third party software, it may cause permanent data loss,” the note warns.
However, Emsisoft has urged the victims not to reach out to the attackers.
“Regardless of what the ransom note might say, our decryption tool can help you recover your files for free and will not cause permanent data loss. Please get in touch with our support team if you have any questions.”
WannaCry ransomware broke out in May 2017, attacking computers running Microsoft Windows globally. The malware encrypted the victim’s data and demanded ransom in BTC. WannaCry propagated through EternalBlue, an exploit developed by the NSA which was stolen and leaked by a group of hackers known as The Shadow Brokers. The malware infected government systems, hospitals, railway networks, multinational companies and more in just a few hours.
To receive the latest CoinGeek.com news, special discounts on CoinGeek Conferences and other inside information direct to your inbox, please sign up for our mailing list.
Source From : coingeek