- Apr 21, 2016
- 4,373
Avast continues its battle against ransomware by releasing a new decryption tool for CryptoMix, also known under other aliases, including CryptFile2, Zeta or CryptoShield. The decryption tool works for files that were encrypted while in offline mode.
CryptoMix is a ransomware strain that was first observed in the wild back in March of last year. A few months ago it was renamed by its authors to CryptoShield, but the essence is the same.
As mentioned, Avast's tool works for all the victims who had their files encrypted while in offline mode, which is when the ransomware runs and encrypts a victim's computer even when there's no Internet connection available, thus making it impossible for the malware to reach its Command & Control server.
The keys provided by Avast can be used to try and decrypt the files, but there is no guaranteed success, as with most such tools and there's even the risk of losing the files.
At this point, the decryptor can be used to free .CRYPTOSHIELD .scl, .rscl, .lesli, . code, .rmdk, and .rmd files.
Read more: Avast Releases Decryption Tool for Offline Versions of CryptoMix Ransomware
CryptoMix is a ransomware strain that was first observed in the wild back in March of last year. A few months ago it was renamed by its authors to CryptoShield, but the essence is the same.
As mentioned, Avast's tool works for all the victims who had their files encrypted while in offline mode, which is when the ransomware runs and encrypts a victim's computer even when there's no Internet connection available, thus making it impossible for the malware to reach its Command & Control server.
The keys provided by Avast can be used to try and decrypt the files, but there is no guaranteed success, as with most such tools and there's even the risk of losing the files.
At this point, the decryptor can be used to free .CRYPTOSHIELD .scl, .rscl, .lesli, . code, .rmdk, and .rmd files.
Read more: Avast Releases Decryption Tool for Offline Versions of CryptoMix Ransomware
