Another Free Ransomware Decryptor Released

Publicado en by Cointele | Publicado en

Emsisoft launched a free tool that decrypts files affected by a variant of the Tycoon ransomware attack.

Listen to article Malware lab, Emsisoft, released a free decryptor tool on June 4.

The tool enables victims to recover files encrypted by Tycoon ransomware attacks without needing to pay the ransom.

Researchers from the BlackBerry's security unit first discovered the ransomware.

"Tycoon is a Java-based, human-operated ransomware that appears to specifically target smaller enterprises and is typically deployed via an attack on RDP. Java-based ransomware is unusual, but certainly not unique. Microsoft warned about another Java-based ransomware strain, PonyFinal, last month."

"() the tool only works for files encrypted by the original Tycoon variant, not for files encrypted by any subsequent variants.

The only way to recover files with those latter extensions is to pay the ransom.

A multi-OS ransomwareBlackBerry's researchers noted that Tycoon ransomware can run on both Windows and Linux computers, employing the same technique of asking for cryptocurrency payments like Bitcoin.

Previously, decryption tools could be used to recover files for multiple victims, but that is no longer possible.

This tool aims to recover data encrypted by the VCryptor ransomware amid the international initiative "No More Ransomware."