Security Brief: The French Retis Ransomware Appends .Crypted

Solarquest

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
This is a security brief for the newly discovered ransomware called Retis. This brief will contain technical information related to how it infects a computer, how it is distributed, and whether it can be decrypted or not.

Retis Summary
The Retis Ransomware was discovered by security researcher SDK on December 19th 2017. This is a .NET ransomware, so its source code is easily accessible. When started it will first target the victim's Desktop, Documents, and Pictures folder for encryption. After encrypting those folder, it will target the rest of the drives on the computer.
..
...
Is Retis Decryptable?
Yes, in its current state, the Retis Ransomware can be decrypted because it uses a static key that can be retrieved by the executable. If anyone becomes a victim of this ransomware, please contact us and we will see if we can create a decryptor for you.
...
...
...


On VT
VirusTotal
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top