bamathrasher 0 Posted July 24, 2017 Report Share Posted July 24, 2017 I feel like an idiot, I opened up my RDP port for my CPA needing to do some quickbooks work for me and an old admin account was still enabled without a password. Today I was hit with this ransomware with readme.txt to email [email protected] to decrypt. After some research (how I ended up here) it appears this is Cryakl which is currently not decryptable. Just wanted to warn others. one of the file names for example: [email protected] [email protected]@@@@97A1-BDA1.randomname-OPQRSTUUVWWWXYZZAABBCDEEEFGGHI.JJJ.kll This asshole is demanding 2BTC to decrypt, currently like $5400 USD, I had years of data, some work and some personal and my most recent backup for quickbooks is about 2 months ago and 2 years for some of the excel files that were ruined. I can get it all back but it will be tens of hours of boring data entry work. It must have messed with some system files because it prevents safe mode from booting. Stay safe everyone! Quote Link to post Share on other sites
Fabian Wosar 390 Posted August 1, 2017 Report Share Posted August 1, 2017 That looks like Cryakl. There is, unfortunately, no known way to decrypt files encrypted by Cryakl that doesn't involve the cooperation of the ransomware authors. Sorry, but you will have to restore your latest backups. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.