The Lumber Cartel, local 42 (Canadian branch)
 |   |   |   |   |   |   | 
 
 

Resources - Ransomware decryptors

"Ransomeware" is a sub-category of malicious software that encrypts its victims data then demands a ransom be paid to decrypt it.  The software listed here are free solutions that may be helpful to you if you are a victim.  If you know of a free ransomware decryptor product that is not listed here, please contact us.

[Black Byte Decryptor]Black Byte Decryptor - Decryption Tool
https://www.github.com/SpiderLabs/BlackByteDecryptor
This is a decryptor for the ransomware called BlackByte.  The encryption key is stored in a file called forest.png, which was downloaded from a web page that's no longer available.

[No More Ransom]No More Ransom! - Decryption Tools
https://www.nomoreransom.org/en/decryption-tools.html
Law enforcement and IT Security companies have joined forces to disrupt cybercriminal businesses with ransomware connections.  The "No More Ransom" website is an initiative by the National High Tech Crime Unit of the Netherlands' police, Europol's European Cybercrime Centre, Kaspersky Lab, and McAfee with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals.

[Emsisoft Nemucod logo]Emsisoft Decrypter for Nemucod
https://decrypter.emsisoft.com/nemucod/
Nemucod is a JavaScript downloader malware that was previously used to distribute TeslaCrypt, but the more recent Nemucod versions dropped the TeslaCrypt payload in favour of their own ransomware implementation.  Since the Nemucod ransomware encrypts the first 2,048 bytes of a file using a 255 bytes XOR key, the decrypter only requires an encrypted file of at least 510 bytes in size as well as its unencrypted version, which are specified with Emsisoft's simple drag-and-drop interface.  (Nemucod was recommended by Bleeping Computer.)

[Kaspersky Lab logo]Kaspersky Labs
http://noransom.kaspersky.com/
Kaspersky Labs, who are probably most famous for their anti-virus and internet security solutions, have teamed up with the National High Tech Crime Unit (NHTCU) of the Netherlands.

 

Guides and other useful information

[Comparitech logo]History of Ransomware
https://www.comparitech.com/blog/information-security/the-history-of-ransomware/
Comparitech explains that Ransomware is one of the largest threats you can face today, both on your own PC at home, and at work too.  This blog article details Ransomware from its humble beginnings to how it has become a massive global business that nets millions, if not billions, of dollars for its creators.
 
 
[Home] [Profile] [Glossary] [Library] [Resources] [Tools] [FAQ] [Site map] [Contact us]

Copyright © Inter-Corporate Computer & Network Services, Inc.  All rights reserved.
All trademarks are the property of their respective owners.