How can we recover files encrypted by ransomware  ? Do we have to pay the criminals who take our Data Recovery hostage? Since making headlines in 2017, ransomware has evolved steadily, but it was and remains a big headache for users and experts alike. 

It is not easy to Data Recovery encrypted by ransomware, even impossible in some cases. But we have good news for all victims of malware such as Yatron or Fortune Crypt : Kaspersky experts have developed decryptors to recover files that have been encrypted by this malware.

The Yatron ransomware is linked to another encryption device, Hidden Tear, which has an unusual story . A few years ago, Turkish researcher Utku Sen created this malware for educational and research purposes and then uploaded the source code. His idea was to make you understand how cybercriminals think and do your best to thwart them.

Sen soon realized that his code could be used by truly malicious people. He therefore voluntarily left loopholes allowing him to Data Recovery the encryption keys on the command servers used by the malicious software. These keys could also be used to create decryptors.

Sen’s plan proved flawed when one of the ISPs, whose services the ransomware creators were using, managed to completely shut down the command server. This resulted in the deletion of all Wikipedia data, including the keys, before the researchers could even notice it.

Later, the criminals contacted Sen and promised him to restore victims’ data if he removed the source code of his cipher from the Internet. Experts were able to grant their request, but many people had already downloaded Hidden Tear by then. The legacy of this software lives on: experts are still finding new ransomware based on this same model. Yatron is just one example among many.

By editor

Leave a Reply

Your email address will not be published.