Today I briefly looked at a small outbreak of ransomware, which fortunately didn't affect me personally. The encrypted files had .crypt appended to their names, and the ransom note had several misspellings, including a mention of RZA4096 (should be RSA). The files are indeed scrambled in some way. Kaspersky's tool to decrypt CryptXXX files does not support these. Stories I found on the Internet indicate that paying will not help, so if you're hit with this, don't pay. Instead, restore from backups, which you totally have, right?
Seriously, make backups now. You never know when some kind of exploit will result in your data getting destroyed.
No comments:
Post a Comment