Monday, 23 November 2015

Researcher Cracks DecryptorMax-Ransomware

A German researcher has succeeded DecryptorMax-ransomware which recently appeared to crack, causing casualties free their files to recover. The DecryptorMax-ransomware encrypts ransomware like other kinds of files on the computer.

Then a warning that must be paid. Unlike other ransomware, as CryptoWall the ransom amount doubles after a certain time, DecryptorMax victims gives 24 hours of time, otherwise the decryption key will be deleted and encrypted files will never be decrypted.

Fabian Wosar Emsisoft Anti-Malware now discovered that it is possible to retrieve the decryption key by brute force. This allows victims do not have to pay the ransom. Wosar developed a tool called DecryptInfinite in order to retrieve the decryption key. This tool requires a non-encrypted version of one of the encrypted files. In the case of victims not talking about have eg they can download an unencrypted PNG file from the Internet.

Then, the email address should be specified that the ransomware in the warning to show the victim. This information uses the tool for brute Forcen the decryption key. Something that can take some time. When the key is found, the tool show. But prevention is better than cure. Internet users therefore be advised to be cautious with email attachments. DecryptorMax spreads through email attachments posing as vacancies, reports the forum Bleeping Computer.

No comments:

Post a Comment