Stories
Slash Boxes
Comments

SoylentNews is people

Submission Preview

Link to Story

Two Ransomware Decryptors Released

Accepted submission by RandomFactor at 2019-07-21 22:56:13 from the giving dept.
Security

RandomFactor [soylentnews.org] writes:

SUBMISSION NOTE: Pardon our French - In the below 'fbomb/FBOMB would be replaced with the actual fbomb/FBOMB, including in the article link

A few days ago, EMSISOFT [emsisoft.com] released a decryptor for the 'ims00ry' ransomware. Now they have released one for the zerofbombs [securityaffairs.co] ransomware. Those who have been infected by this ransomware do not need to pay the ransom to retrieve their files, they can go download the decryptor at no charge.

ZeroFBOMBs ransomware encrypts files with AES-256 and replaces the extension in the filename with “.zerofbombs” (i.e. “myphoto.jpg” is changed to “ myphoto.zerofbombs”.

the note left on infected systems by this ransomware reads

“All your important files have been encrypted. If you want your files back, you need to pay €400 in Bitcoins. After the payment is received, we will give you access to unlock your files. Click on the Payment button to get more info.” reads ransom note

“If you don’t pay within 48 hours, the price will be doubled. After another 24 hours, the price will be doubled again. If you don’t pay within 96 hours your files will be destroyed.”

the ims00ry ransomware on the other hands states

My friend. I want to start my own business, but i have no money.

What one does if he wants to starts a biz, but has no $$$? Of course, go & ransom people! What else to do, right?

All your files photos, databases, document and other important are encrypted with strongest
encryption and algorithms RSA 4096, AES-256.
if you want to restore your files payment and write to Telegram bot
Price decrypt software is $50.

Attention!!!
Do not rename or move the encrypted files.

EMSISoft's Decryptors for these and fifty other ransomware families are available here [emsisoft.com]

If you have an old system or drive lying around that was ransomwared and want to see if there is a free decryptor for it, steps to identify the ransomware and an extensive list of free ransomware decryptors is available here [heimdalsecurity.com]

Original Submission