Ransomware that caused Considerable Destruction is now Cracked

According to security researchers, a hitherto hard to crack piece of ransomware, which did tremendous destruction, is now under control with its encryption code deciphered thus enabling computer operators to brute-force into the code and unlock all the files that had been encoded, so published softpedia.com in news on December 2, 2015.

Having dual names, which are file2@openmailbox.org and helpme@freespeechmail.org, the ransomware got its names after 2 e-mail ids from among all those in messages that told recipients to get in touch with the ransomware's owner to obtain the decryption code along with the payment particulars.

As for the helpme@freespeechmail.org id, the address has the file extension only partly that's appended with the ransomware encoded objects' regular extensions. Essentially, when the infection processes any Microsoft Word document of the victim, its extension name would become 'doc.id-{10 random digits}_helpme@freespeechmail.org'. Not just that the items look peculiar externally, however, they won't as well get opened with aid of alternative software else default programs that makes ransomware frauds so extremely effective.

The ransomware assault just described as well has one .txt file emerging having a weird name like 'VIRUSFUCKEDYOURFILES'. Every folder is attempted to contain this entity while there is illicitly encrypted data in all the folders along with the compromise details.

Essentially, there comes a message to the computer operator that he has been victimized with a compromise wherein to recover his data he must deposit a fee, else he can send a message to helpme@freespeechmail.org following which he would get an e-mail from the malware distributor. The e-mail states that the user must pay three Bitcoins if he wants his documents, presentations, videos and images back for access.

The helpme@freespeechmail.org ransom malware, which is served to computers through contaminated e-mail attachments, is considerably dangerous to users' systems and their important data. However, this can be overcome via removal of the malware first and then recovering the files. In the special case of the RSA-2048 crypto, which is highly complex, it is not easy to accomplish the remedy; still, reinstating lost data-files after a ransomware attack is not something fanciful or imaginative.

» SPAMfighter News - 12/10/2015