clapton82

Server hacked by Remote Access and crypted by a ''sort' of Amnesia ransomware with .please extension

Recommended Posts

A ''sort' of Amnesia , because the 'mode' of attack , is typical of the Amnesia , same effects that are described here : https://www.cyber.nj.gov/threat-profiles/ransomware-variants/amnesia

and the same ransom note file HOW TO RECOVER ENCRYPTED FILES.TXT , but with a different text (as you can see by the attached file),and different extension (all files are crypted with the .please extension).

I tryed the Amnesia emsisoft decrypted, and it seems to work , attempting  a brutal attack mode, but when key space exhausted, arrive at 100% an alert says that there is no possibility to decrypt that file ( the files in input are the same, same size , the oly difference is that one of those is crypted as suggested by the program manual).

After a lot of reasearch on internet , im sure that is the Amnesia. It s only little bit different. There s someone that could help me please? Thank you! ;)

HOW TO RECOVER ENCRYPTED FILES.TXT

Share this post


Link to post
Share on other sites

There's a version of Scarab that uses the .amnesia extension. It's not decryptable (at least not without somehow getting the private key from the criminals who made the ransomware).

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.