- The free software will help in recovering encrypted files without any data loss.
- The bug fix software will allow the users to keep a record of the decryption process through a Save Log button.
Emsisoft, a software firm, has released a bug fix for “WannaCryFake,” a Bitcoin-ransoming malware. According to a blog post announcement, the free software will help in recovering encrypted files without the risk of data loss.
Ransomware is dependant on extortion to gain a reward. According to a McAfee report, in Q1 2019, the malware attacks increased 118%, equalling 504 new threats per minute. WannaCryFake is a variant of the WannaCry ransomware. This malware targeted Microsoft computers in 2017 and used AES-256 to lock victims’ files. An infected victim would receive a message saying:
“You have to pay for decryption in bitcoins. The price depends on how fast you write to us. After payment, we will send you the tool that will decrypt all your files.”
Victims are then instructed to get in touch with ransomware distributors via Telegram or ProtonMail. Later, they are told how to send Bitcoin through Pidgin. The malware also warns:
“Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.”
The Emsisoft Decryptor uses the encrypted file and the original unencrypted version to bring together the keys that are required to decrypt locked data. Users are told not to rename their files as the protocol uses the filename extension to determine the encryption parameters. The software enables its users to keep a record of the decryption process through a Save Log button.