clapton82

Server hacked by Remote Access and crypted by a ''sort' of Amnesia ransomware with .please extension

Recommended Posts

A ''sort' of Amnesia , because the 'mode' of attack , is typical of the Amnesia , same effects that are described here : https://www.cyber.nj.gov/threat-profiles/ransomware-variants/amnesia

and the same ransom note file HOW TO RECOVER ENCRYPTED FILES.TXT , but with a different text (as you can see by the attached file),and different extension (all files are crypted with the .please extension).

I tryed the Amnesia emsisoft decrypted, and it seems to work , attempting  a brutal attack mode, but when key space exhausted, arrive at 100% an alert says that there is no possibility to decrypt that file ( the files in input are the same, same size , the oly difference is that one of those is crypted as suggested by the program manual).

After a lot of reasearch on internet , im sure that is the Amnesia. It s only little bit different. There s someone that could help me please? Thank you! ;)

HOW TO RECOVER ENCRYPTED FILES.TXT

Share this post


Link to post
Share on other sites

There's a version of Scarab that uses the .amnesia extension. It's not decryptable (at least not without somehow getting the private key from the criminals who made the ransomware).

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.