Security Brief: The French Retis Ransomware Appends .Crypted

Discussion in 'News Archive' started by Solarquest, Dec 21, 2017.

  1. Solarquest

    Solarquest Moderator
    Staff Member AV Tester

    Jul 22, 2014
    This is a security brief for the newly discovered ransomware called Retis. This brief will contain technical information related to how it infects a computer, how it is distributed, and whether it can be decrypted or not.

    Retis Summary
    The Retis Ransomware was discovered by security researcher SDK on December 19th 2017. This is a .NET ransomware, so its source code is easily accessible. When started it will first target the victim's Desktop, Documents, and Pictures folder for encryption. After encrypting those folder, it will target the rest of the drives on the computer.
    Is Retis Decryptable?
    Yes, in its current state, the Retis Ransomware can be decrypted because it uses a static key that can be retrieved by the executable. If anyone becomes a victim of this ransomware, please contact us and we will see if we can create a decryptor for you.

    On VT
Similar Threads Forum Date
Brief view of my security setup SCW Archive Mar 30, 2014
CAUTION faysalaltafmirza's Security Config PC Security Configuration Today at 12:56 PM
Video Review ByPass Eset Internet Security 11 Video Reviews Yesterday at 4:19 PM
  • About Us

    Our community has been around since 2010, and we pride ourselves on offering unbiased, critical discussion among people of all different backgrounds about security and technology . We are working every day to make sure our community is one of the best.
  • Need Malware Removal Help?

    If you're being redirected from a site you’re trying to visit, seeing constant pop-up ads, unwanted toolbars or strange search results, your computer may be infected with malware. We offer free malware removal assistance to our members in the Malware Removal Assistance forum.
  • Quick Tip

    Without meaning to, you may click a link that installs malware on your computer. To keep your computer safe, only click links and downloads from sites that you trust. Don’t open any unknown file types, or download programs from pop-ups that appear in your browser.