bamathrasher

Recommended Posts

bamathrasher    0

bamathrasher
Posted

I feel like an idiot, I opened up my RDP  port for my CPA needing to do some quickbooks work for me and an old admin account was still enabled without a password. Today I was hit with this ransomware with readme.txt to email [email protected] to decrypt. After some research (how I ended up here) it appears this is Cryakl which is currently not decryptable. Just wanted to warn others.

one of the file names for example: [email protected] [email protected]@@@@97A1-BDA1.randomname-OPQRSTUUVWWWXYZZAABBCDEEEFGGHI.JJJ.kll

This asshole is demanding 2BTC to decrypt, currently like $5400 USD, I had years of data, some work and some personal and my most recent backup for quickbooks is about 2 months ago and 2 years for some of the excel files that were ruined. I can get it all back but it will be tens of hours of boring data entry work. It must have messed with some system files because it prevents safe mode from booting. Stay safe everyone!

 

 

Share this post

Link to post
Share on other sites

Fabian Wosar    390

Fabian Wosar
Posted

That looks like Cryakl. There is, unfortunately, no known way to decrypt files encrypted by Cryakl that doesn't involve the cooperation of the ransomware authors. Sorry, but you will have to restore your latest backups.

 

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go To Topic Listing

  • Recently Browsing   0 members

    No registered users viewing this page.