- Jun 9, 2013
- 6,720
Emsisoft researchers creates decryption tool
Fabian Wosar of Emisoft has created a tool capable of decoding files encrypted by the DecryptorMax ransomware, also known as CryptInfinite.
The ransomware gets its name from the fact that the "DecryptorMax" string is found in multiple places inside its source code. Additionally, the CryptInfinite moniker is also used by some researchers because the ransomware adds the CryptInfinite key to the Windows registry, using it to store a list of all encrypted files and their location on disk.
According to Bleeping Computer's Lawrence Abrams, the ransomware is spread via Word documents attached to spam email. These files pose as resumes.
Full article. DecryptorMax Ransomware Decrypted, No Need to Pay the Ransom
Fabian Wosar of Emisoft has created a tool capable of decoding files encrypted by the DecryptorMax ransomware, also known as CryptInfinite.
The ransomware gets its name from the fact that the "DecryptorMax" string is found in multiple places inside its source code. Additionally, the CryptInfinite moniker is also used by some researchers because the ransomware adds the CryptInfinite key to the Windows registry, using it to store a list of all encrypted files and their location on disk.
According to Bleeping Computer's Lawrence Abrams, the ransomware is spread via Word documents attached to spam email. These files pose as resumes.
Full article. DecryptorMax Ransomware Decrypted, No Need to Pay the Ransom