Hit by [email protected]

[bamathrasher 0]

I feel like an idiot, I opened up my RDP  port for my CPA needing to do some quickbooks work for me and an old admin account was still enabled without a password. Today I was hit with this ransomware with readme.txt to email [email protected] to decrypt. After some research (how I ended up here) it appears this is Cryakl which is currently not decryptable. Just wanted to warn others.

one of the file names for example: [email protected] [email protected]@@@@97A1-BDA1.randomname-OPQRSTUUVWWWXYZZAABBCDEEEFGGHI.JJJ.kll

This asshole is demanding 2BTC to decrypt, currently like $5400 USD, I had years of data, some work and some personal and my most recent backup for quickbooks is about 2 months ago and 2 years for some of the excel files that were ruined. I can get it all back but it will be tens of hours of boring data entry work. It must have messed with some system files because it prevents safe mode from booting. Stay safe everyone!

 

 

[Fabian Wosar 390]

That looks like Cryakl. There is, unfortunately, no known way to decrypt files encrypted by Cryakl that doesn't involve the cooperation of the ransomware authors. Sorry, but you will have to restore your latest backups.