- Jan 24, 2011
- 9,378
For the present time, victims of the MarsJoke ransomware can recover their files using a decrypter created by the security experts at Kaspersky Lab, available for download for free.
MarsJoke ransomware, also known as JokeFromMars or Polyglot, is a ransomware variant that first appeared two weeks ago, spread by malicious spam emails, and with a focus on the government and K-12 educational sector.
The ransomware has been fairly active and has caught the eye of several independent security researchers, but also employees of big security vendors such as Proofpoint and Kaspersky.
MarsJoke decrypter available for download
The latter announced today that they've managed to identify a weakness in the ransomware's encryption routine that they used to create a free decrypter, which they're now providing as a free download from their site (as the RannohDecryptor tool).
Kaspersky Lab experts warn that this decrypter only works for the ransomware's current versions and that future iterations may not exhibit the same issue that permits the decrypter to recover the encryption keys.
Researchers cite previous incidents involving the CryptXXX ransomware, for which Kaspersky experts broke the encryption three times and created free decrypters, but in the end, CryptXXX's authors identified the encryption bug and fixed it for good.
Read more: http://news.softpedia.com/news/mars...users-can-recover-files-for-free-508916.shtml
MarsJoke ransomware, also known as JokeFromMars or Polyglot, is a ransomware variant that first appeared two weeks ago, spread by malicious spam emails, and with a focus on the government and K-12 educational sector.
The ransomware has been fairly active and has caught the eye of several independent security researchers, but also employees of big security vendors such as Proofpoint and Kaspersky.
MarsJoke decrypter available for download
The latter announced today that they've managed to identify a weakness in the ransomware's encryption routine that they used to create a free decrypter, which they're now providing as a free download from their site (as the RannohDecryptor tool).
Kaspersky Lab experts warn that this decrypter only works for the ransomware's current versions and that future iterations may not exhibit the same issue that permits the decrypter to recover the encryption keys.
Researchers cite previous incidents involving the CryptXXX ransomware, for which Kaspersky experts broke the encryption three times and created free decrypters, but in the end, CryptXXX's authors identified the encryption bug and fixed it for good.
Read more: http://news.softpedia.com/news/mars...users-can-recover-files-for-free-508916.shtml
