A empresa de segurança Bitdefender, juntamente com a Europol, o FBI, a polícia romena e outras agências de aplicação da lei, desenvolveram uma ferramenta de decifragem de ransomware totalmente gratuita.
The good news is that now you can have your data back without paying a cent to the cyber-criminals, as Bitdefender has released a free utility that automates the data decryption process.” reads the blog post published by Bitdefender.
“This tool recovers files encrypted by GandCrab ransomware versions 1, 4 and 5.”
As vítimas podem determinar essa versão do ransomware analisando a extensão anexada aos ficheiros cifrados e / ou à nota de resgate. Na tabela a seguir são disponíveis as informações para as várias versões do popular ransomware.
Developed in close partnership with Europol and the Romanian Police, and with support from the FBI and other law enforcement agencies, the tool lets victims around the world retrieve their encrypted information without paying tens of millions of dollars in ransom to hackers.” reads the statement published by the Bitdefender.
“The new tool can now decrypt data ransomed by versions 1, 4 and 5 of the GandCrab malware, as well as all versions of the ransomware for a limited set of victims in Syria.”
Este ransomware se espalha através de vários vetores de ataque, incluindo e-mail de spam, kits de exploração e campanhas de malware.
As vítimas do ransomware podem remover a ferramenta desenvolvida através da seguinte hiperligação:
Pedro Tavares is a professional in the field of information security working as an Ethical Hacker/Pentester, Malware Researcher and also a Security Evangelist. He is also a founding member at CSIRT.UBI and Editor-in-Chief of the security computer blog seguranca-informatica.pt.
In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, exploitation, hacking, IoT and security in Active Directory networks. He is also Freelance Writer (Infosec. Resources Institute and Cyber Defense Magazine) and developer of the 0xSI_f33d – a feed that compiles phishing and malware campaigns targeting Portuguese citizens.
Read more here.