vissha Posted August 24, 2016 Share Posted August 24, 2016 Two Free Decrypters Available for WildFire Ransomware Intel McAfee & Kaspersky both provide free decryption tools Quote Intel McAfee and Kaspersky have published two decrypters that can unlock files encrypted during WildFire ransomware infections. Both tools are available for download via the NoMoreRansom website, a collaboration between the two companies, the Dutch police, and the Europol European Cybercrime Centre (EC3). WildFire appeared in the spring and targeted only the Netherlands WildFire is a ransomware that was first spotted in mid-April, under the name GNL and then Zyklon. The ransomware rebranded at the end of May, taking the current WildFire name, which it still uses. During June, and later July, WildFire devs started a series of massive spam floods to distribute their ransomware, mostly targeting users living in the Netherlands. Security researcher MalwareHunterTeam told Softpedia that Wildfire ransomware campaigns continued in the month of August, even if not reported by security vendors as the initial wave of spam. Based on data Softpedia received from MalwareHunterTeam, and from a later OpenDNS analysis, we presumed that Russian developers are behind this new ransomware variant. Dutch police confiscate WildFire C&C servers At the time it was discovered, security researchers said the ransomware wasn't decryptable because it featured a solid encryption scheme. Researchers investigating this threat caught a lucky break when the crooks behind WildFire decided to register custom Dutch domains and host servers in the Netherlands. "By working together with the police on this case, we had something much better in our hands: The botnetpanel code!" said Kaspersky's Jornt van der Wiel. Leveraging this data, researchers created two free WildFire decrypters. Furthermore, because they had access to the C&C server statistics, security researchers concluded that during the last 31 days, WildFire infected 5,309 computers, with 236 users paying the ransom. WildFire authors made 136 Bitcoin ($79,000). Below is a screenshot of Kaspersky's tool. The decrypter created by Intel McAfee is a command-line utility and might be too advance for non-technical users. Source Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.