Security Brief: The French Retis Ransomware Appends .Crypted

Solarquest

Moderator
MalwareTips Staff
AV-Tester
Verified
Joined
Jul 22, 2014
Messages
1,960
#1
This is a security brief for the newly discovered ransomware called Retis. This brief will contain technical information related to how it infects a computer, how it is distributed, and whether it can be decrypted or not.

Retis Summary
The Retis Ransomware was discovered by security researcher SDK on December 19th 2017. This is a .NET ransomware, so its source code is easily accessible. When started it will first target the victim's Desktop, Documents, and Pictures folder for encryption. After encrypting those folder, it will target the rest of the drives on the computer.
..
...
Is Retis Decryptable?
Yes, in its current state, the Retis Ransomware can be decrypted because it uses a static key that can be retrieved by the executable. If anyone becomes a victim of this ransomware, please contact us and we will see if we can create a decryptor for you.
...
...
...


On VT
VirusTotal
 

Similar Threads

Similar Threads