Sign in to follow this  
m.fedawi

.MEKA decryptor

Recommended Posts

Can I ask for the tool that ransomware makers sends once the victim pays?

as the video they sent attached I've noticed that the tool  file that they send only needs the key to resolve all files infected files.

I attached the read me note file,  I also have some files in both before and after encryption does it help? 

 

as my understanding i found that the id is somehow related to the key, i think they have made it in same programming algorithm so they have to be encrypting all files with same key per user , is that true?

_readme.txt

Share this post


Link to post
Share on other sites

Thank you GT500 ,  I appreciate your kind reply and hope you guys find a solution for it soon,

so anybody have a  copy of  the ransomware makers fix tool?

Share this post


Link to post
Share on other sites
18 hours ago, m.fedawi said:

so anybody have a  copy of  the ransomware makers fix tool?

We do occasionally get a copy of them. I can assure you that they won't be of any help. The ransomware's command and control servers will generate random public and private keys for each computer that gets infected by STOP/Djvu. Public keys are sent to the ransomware running on the infected computers to be used in encryption, and the private keys (which are required for decryption) are stored in a database on the server and never sent to the infected computers.

When someone pays the ransom, they only send the private key for the ID assigned to that victim's computer by the ransomware. This means that the decryption tool sent by the criminals to victims who have paid the ransom is only capable of decrypting files for a single computer.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.