A set of new tools can decrypt files locked by Stop, a highly active ransomware

TechCrunch | 10/18/2019 | Staff

Thousands of ransomware victims may finally get some long-awaited relief.

New Zealand-based security company Emsisoft has built a set of decryption tools for Stop, a family of ransomware that includes Djvu and Puma, which they say could help victims recover some of their files.

Stop is believed to be the most active ransomware in the world, accounting for more than half of all ransomware infections, according to figures from ID-Ransomware, a free site that helps identify infections. But Emsisoft said that figure is likely to be far higher.

If you’ve never had ransomware, you’re one of the lucky ones. Ransomware is one of the more common ways nowadays for some criminals to make money by infecting computers with malware that locks files using encryption. Once the Stop ransomware infects, it renames a user’s files with one of any number of extensions, replacing .jpg and .png files with .radman, .djvu and .puma, for example. Victims can unlock their files in exchange for a ransom, usually a few hundred dollars in cryptocurrency.

Not all ransomware is created equal. Some security experts have been able to unlock some victims’ files without paying up by finding vulnerabilities in the code that powers the ransomware, allowing them in some cases to reverse the encryption and return a victim’s files to normal.

Stop is the latest ransomware that researchers at Emsisoft have been able to crack.

“The latest known victim count is about 116,000. It’s estimated that’s about one-quarter of the total number of victims.”

“It’s more of a complicated decryption tool than you would normally get,” said Michael Gillespie, the tools’ developer and a researcher at Emsisoft. “It is a very complicated ransomware,” he said.

In Stop’s case, it encrypts user files with either an online key that’s pulled from the attacker’s server; or an offline key, which encrypts users’ files...
(Excerpt) Read more at: TechCrunch