Advice Request is there a tool that can detect the ransomware and download the decryptor?

Please provide comments and solutions that are helpful to the author of this topic.

giulia

giulia

Level 5
Thread author
Verified
Nov 30, 2016
236
hi
i'm wondering if there is a tool that can detect the ransomware and download the "available" tools to decrypt it and get rid of the ransomeware and decrypt the files?
i know there are so many variants of ransomware , but at least a tool that can detects most of them,with the possibility to fix a pc/laptop
thanks
 
D

Deleted member 65228

Ransomware decryption is a case-by-case basis because not all ransomware encryption can be decrypted. If the ransomware does the encryption procedure properly (and thus being securely) then without that key you will not be performing decryption on the encrypted documents. Sometimes network monitoring can be handy in-case the ransomware has a communication with a server to send the keys back to the attacker (e.g. if the ransomware really would decrypt the encrypted files after ransom payment - some do but you should never trust the attacker).

However, on that note, some ransomware does not have proper encryption procedures from a security point-of-view. In these situations, the encryption algorithm may be able to be reversed by security researchers and this reverse encryption algorithm can be put into a utility to decrypt affected documents by that specific ransomware variant. At the same time, servers possessing decryption keys from specific variants may be seized by law enforcement if it can be located and overruled but this usually would only happen if the ransomware variant caused a lot of damage, and even if it did, there's no guarantee.

Some ransomware trashes the random key used for the encryption procedure and lies about offering decryption in exchange for the ransom payment as well.

Other forms of ransomware aside from the typical file encryption attempts exist in the wild as well, such as screen-lockers. Screen-locking ransomware will lock the screen and demand a payment to unlock the screen - sometimes threatening you and claiming that your files have been encrypted even if they haven't been.

The best thing you can do is keep a good backup, that is the best defense against ransomware.
 
  • Like
Reactions: roger_m, ItsReallyMe, vtqhtr413 and 4 others
BoraMurdar

BoraMurdar

Community Manager
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
Something like this?
Download 360 Ransomware Decryption Tools - MajorGeeks

360 Ransomware Decryption Tool can help decrypt files which have been locked. Currently, it can decrypt over 80 types of ransomware including WannaCry and Petya.We were disappointed to see that it wasn't portable, something we feel every removal tool should be. It becomes easy over time for more aggressive malware to block applications like this from installing.The interface is straight-forward, like similar tools. Select the folders you want to scan and press "Scan." Pressing Cancel returns you to the main screen. We opted for scanning the UserMajorGeeks folder, which only has a handful of files and folders from a clean installation of Windows and that took one minute, five seconds.360 Ransomware Decryption Tool is one of those must-haves for a technician's toolbox. Scan times are reasonable, and there are very few tools that claim to decrypt over 80 different ransomware strains. Odds are it won't decrypt all 80 every time, it's worth having.
Click to expand...
 
  • Like
Reactions: roger_m, vtqhtr413, silversurfer and 3 others
D

Deleted member 65228

As an extension to my previous post, sometimes hacking groups actually release the decryption keys or get hacked by another hacking team who will release the stolen decryption keys for a specific ransomware variant. In these scenarios, an AV vendor may use them to make a decryption utility which may work for some but not all people. If you ever do rely on a decryption utility, make sure you keep a backup of the encrypted documents as well in-case they become further damaged by an unsuccessful decryption attempt.
 
  • Like
Reactions: roger_m and BoraMurdar

Similar threads

Gandalf_The_Grey
    • Like
    • Applause
    • +Reputation
Security News Online ransomware decryptor helps recover partially encrypted files
Replies
0
Views
795
Security News
Gandalf_The_Grey
Gandalf_The_Grey
nicolaasjan
    • Like
    • Applause
    • +Reputation
Malware News New decryptor for Babuk Tortilla ransomware variant released
Replies
0
Views
930
Security News
nicolaasjan
nicolaasjan
Shadowra
    • +Reputation
    • Like
Malware News StopCrypt: Most widely distributed ransomware evolves to evade detection
Replies
3
Views
993
Security News
Victor M
Victor M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top