Jump to content

Wildfire ransomware code cracked: Victims can now unlock encrypted files for free

RV_

By RV_
in Computers and Software

Recommended Posts

RV_ Grand Master

RV_

Posted
Posted

Folks,

Whether you are the type that can't fix your own computer, or helps others with theirs, this article is a must read to be ready. Instead of losing everything the ransomware you might find you have or a friend does may very well have a simpler fix than a factory restore. While the information in the article is about one variant in the Netherlands, the forces for good are now able to give keys for more than a few of the nasties out there.

 

Excerpt:

 

"Victims of a ransomware campaign aimed at Dutch speakers don't have to pay hackers after the No More Ransom project cracked its cipher.

 

Victims of the Wildfire ransomware can get their encrypted files back without paying hackers for the privilege, after the No More Ransom initiative released a free decryption tool.

 

No More Ransom runs a web portal that provides keys for unlocking files encrypted by various strains of ransomware, including Shade, Coinvault, Rannoh, Rakhn and, most recently, Wildfire.

 

Aimed at helping ransomware victims retrieve their data, No More Ransom is a collaborative project between Europol, the Dutch National Police, Intel Security, and Kaspersky Lab.

 

Wildfire victims are served with a ransom note demanding payment of 1.5 Bitcoins -- the cryptocurrency favored by cybercriminals -- in exchange for unlocking the encrypted files. However, cybersecurity researchers from McAfee Labs, part of Intel Security, point out that the hackers behind Wildfire are open to negotiation, often accepting 0.5 Bitcoins as a payment.

 

Most victims of the ransomware are located in the Netherlands and Belgium, with the malicious software spread through phishing emails aimed at Dutch speakers. The email claims to be from a transport company and suggests that the target has missed a parcel delivery -- encouraging them to fill in a form to rearrange delivery for another date. It's this form which drops Wildfire ransomware onto the victim's system and locks it down.

 

Whoever is behind Wildfire, victims no longer need to pay a ransom in order to get their files back, with the decryptor tool now available to download for free from the No More Ransom site ( https://www.nomoreransom.org/decryption-tools.html ) The tool contains 1,600 keys for Wildfire, and No More Ransom says more will be added in the near future."

 

The entire article with screen shots and live links is here: http://www.zdnet.com/article/wildfire-ransomware-code-cracked-victims-can-now-unlock-encrypted-files-for-free/?ftag=TRE49e8aa0&bhid=19724681974700635514865380622813

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
RVers Online University

mywaggle.com

campgroundviews.com

RV Destinations

Find out more or sign up for Escapees RV'ers Bootcamp.

Advertise your product or service here.

The Rvers- Now Streaming

RVTravel.com Logo



×
×
  • Create New...