Ethel

Planetarium Ransomware Attack

Recommended Posts

Dear Concern,

One of my NAS storage has been attacked wiith Planetarium Ransomware and they have encrypted all my files with .plut extension.

Need assistance.

Thanks & Regards

Ethel

Share this post


Link to post
Share on other sites

I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
https://id-ransomware.malwarehunterteam.com/

You can paste a link to the results into a reply if you would like one of our experts to review them.

Share this post


Link to post
Share on other sites
Quote

Planetarium Ransomware

Hello. How did you know this name?

We know an Planetary Ransomware
Attach to your message here 2 encrypted files and the original ransom note. 

I need to compare them. 

 

Share this post


Link to post
Share on other sites

Hello @Ethel

You did not answer about the name. Why did you decide that this is called the Planetarium Ransomware?

Quote

customer support survey.xlsx.id-0A9A33E1.[[email protected]].PLUT
written test question-customer support executive.doc.id-0A9A33E1.[[email protected]].PLUT
RETURN FILES.txt

The format of the encrypted file and a ransom note indicates that this is a variant of Dharma Ransomware. This extension appeared in the Dharma arsenal in May 2019 with another email.

I have no doubt in this case. 
But for the doubters, we can always use the service "ID Ransomware" and check the files.
Result >>

 

 

Share this post


Link to post
Share on other sites

Sorry, my bad. I may have pretended the name from the extension. So what's the possible solution of this issue?

Share this post


Link to post
Share on other sites

No free decryptor for Dharma.
Only extortioners have a paid decryptor.

Share this post


Link to post
Share on other sites

This is reported by extortionists in the reply letter. Addresses are in the note. It will be expensive.

Share this post


Link to post
Share on other sites
21 hours ago, Ethel said:

What would be the cost for the decryptor?

There are some third-party companies that can negotiate a lower price for you. Coveware is the only one I tend to remember, however there are technically a few that offer the service and are open about the fact that that's what they're doing.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.