Telecom Tidbits
Jared's Network and Security Blog
  • Home
  • Telecom Corner
  • About
  • Contact
  • Donate
  • Site Index
  • Links

Help for MalWare & RansomWare?

May 14, 2017 Jared Hall Internet Security, Microsoft Windows

The best way to stay safe in today’s world is to know the equipment that your using. Mostly, good common sense is all that is needed. But if you’ve been infected with RansomWare, you’re probably doomed and need to restore from backup. The keyword here is “probably“.

In cases where a cryptographic hashing function has been used, it may be possible to derive the key from comparison of a valid source document and it’s encrypted equivalent. These algorithms are such that the byte count is the same between Clear-Text Source documents and the Encrypted documents. Of course, this assumes you can tell what file is what on your computer (or what’s left of it).

In other cases, where a true cryptographic function has been used and a hacking entity’s key server has been confiscated, it may be possible to recover your files.

I generally refer people to the following sites for information.

  • Bleeping Computer
    This site has been around for about as long as Windows XP has (a long time) and one of my favorite stomping grounds. It is useful for diagnosing all kinds of computer-related Malware issues, not just RansomWare. This is probably a good place to start to find out about the type of Malware or RansomWare you’ve got.
  • No More Ransom
    This is the long-awaited collaborative project between Europol’s EC3 Center and the Netherland’s High-Tech Crime Unit, with assistance from Kaspersky Labs, and Intel Security. They are an aggregator of sorts, for decryptor programs.

Now, more bad news. I’ve found that even if you pay the ransom, or even find a decryptor online, you will still be in for some trouble. These hackers encrypt everything they can; it’s all automated. Whether you’ve just got one file or 500 Thousand files, they don’t care. Often times, these decryption programs will only decrypt one file at a time, or a directory at a time. You may need to seek out some scripting help to automate the process.

« BOLO: WannaCry(pt) RansomWare » Mr. Smith Goes to Washington

Tools & Downloads

Download Center

Categories

Good Reads (PDF)

Recent Posts

  • PayPal Woes and Degenerative AI
  • A Pathetic Defense of Julian Assange
  • Damned if you do. Damned if you don’t.
  • ProtonMail? Not Worth an Electron!
  • Give it a REST: Serious WordPress Bugs
$
Select Payment Method
Personal Info

Donation Total: $20.00

↑

  • Home
  • Telecom Corner
  • About
  • Contact
  • Donate
  • Site Index
  • Links
Temporal Based Intelligence © 2017