I just got infected with what appears to be GlobeImposter 2.0 according to the ID Ransomware online identifying tool. Now some of my files are encrypted with the .DOCX extension and I haven't been able to find any info on it online, also no one else seems to have the same extension as me (or hasn't posted about it online). I'm using MalwareBytes and hope my system is clean of the ransomware. (Haven't used software from Emisoft yet).
I have read everything in this thread until now and would ask for a confirmation on two things if possible (which I've bolded to make them easier to spot) - as far as I can understand, the GlobeImposter 2.0 variation is a special one, different than previous versions which basically means creating an universal decryption tool is impossible, is that correct? Because the information about encryption and keys is stored on their servers. I wanted to know whether I should keep my files while waiting for a decryptor or just delete them to free space. (And also the possibiltiy of police raiding their servers and releasing the keys as GT500 said.) I can always upload one of my encrypted files as well as the .txt notice with instructions if you want me to, just didn't deem it necessary at this point. The notice is similar to the ones posted in this thread.
Also I don't know if this has any connection to me getting infected, but it happened while I was updating my Epic Games launcher. My pc started stuttering and got hot, when I checked to see what's hijacking my CPU memory, it was the Epic Games launcher doing some high-volume updates and it appeared very strange to me, but I didn't stop it... It ran for quite some time and scanned my PC, there was a graph with 3 columns - reading, writing and downloading, with writing and downloading staying at 0%, while reading was very active, at about 150-200 MB/sec. What was it reading at such a fast speed? Could it have been encrypting the files during that time? It didn't seem like a different program was running, it was a tab from the Epic Games Store launcher... I apologize to them if it doesn't have anything to do with their program, but that's what I remember. After I closed it, the "how to decrypt your files" txt files appeared in my folders.
Thank you and all the best.