manish657

My System Infected by .mbed extension

Recommended Posts

Kindly give me a solution.  I do not have that much money to pay for Ransomware.  2 days ago I was installing a software then all the Data in my Drives (C,D,E,F) encrypted by .mbed Extension and in every Drive and Folders there is a _readme.txt files containing the following message: 

ATTENTION!

Don't worry, you can return all your files!
All your files like photos, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-wj1fybU0Fy
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.


To get this software you need write on our e-mail:
[email protected]

Reserve e-mail address to contact us:
[email protected]

Your personal ID:
0184Asd374y5ADfyPEdCzaGCjzY49JXD7N2aGZvZyXuXR2bTTB83

Amit Chaudhary Sons Data.doc.mbed

Share this post


Link to post
Share on other sites
17 hours ago, manish657 said:

Your personal ID:
0184Asd374y5ADfyPEdCzaGCjzY49JXD7N2aGZvZyXuXR2bTTB83

This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites
22 minutes ago, manish657 said:

So will there be any solution in future or in coming days so that I can keep my files.

Only if law enforcement catches the criminals and releases their database of private keys so that we can add them to our decryption service.

Share this post


Link to post
Share on other sites

My recommendation is to keep an eye on BleepingComputer's news feed. They usually report when new decrypters are released, and they would more than likely report on private keys for STOP/Djvu being released as well.
https://www.bleepingcomputer.com/

Share this post


Link to post
Share on other sites

I received the mail from Ransomware here is it and I found his Location by IP Address Can You Help in this regard ?
IP Address and Location of Person :

<e-mail information and contents removed>

After seeing all these Can you help ?

Edited by GT500
Removed e-mail and IP address.

Share this post


Link to post
Share on other sites
14 hours ago, manish657 said:

After seeing all these Can you help ?

In order to decrypt your files, we'd need the private key the command and control servers generated for your files' ID. The criminals are not going to send that to you until you pay the ransom.

Share this post


Link to post
Share on other sites
14 hours ago, manish657 said:

here is it and I found his Location by IP Address

I didn't bother verifying it, however it was more than likely the IP address of the e-mail server. If the criminals were foolish enough to be giving away their own IP addresses, then they'd be in prison right now.

BTW: I highly recommend not posting your e-mail address on a public forum. It invites spam.

Also note that many of the criminals who make ransomware monitor our forums, so if you post your e-mail address here then they will attempt to contact you and extort money from you (or scam you into paying for fake decryption services).

Share this post


Link to post
Share on other sites
13 minutes ago, manish657 said:

Hope that soon You get their Private Keys so that I can Decrypt my Data.

Usually that depends on how quickly law enforcement is able to catch the criminals who made/distributed the ransomware. For now, the best course of action is to make a backup of all of the encrypted files, and file a report with law enforcement to help them get an idea of the impact of this ransomware:
https://www.nomoreransom.org/en/report-a-crime.html

Share this post


Link to post
Share on other sites

Your personal ID:
0184Asd374y5ADfyPEdCzaGCjzY49JXD7N2aGZvZyXuXR2bTTB83

I have taken the backup of all the Encrypted Files of .mbed extension. 

Can I reinstall the Windows ?

Will my Data be Decrypt whenever the Private Key available ?

Share this post


Link to post
Share on other sites
14 hours ago, manish657 said:

Your personal ID:
0184Asd374y5ADfyPEdCzaGCjzY49JXD7N2aGZvZyXuXR2bTTB83

I have taken the backup of all the Encrypted Files of .mbed extension. 

This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

 

14 hours ago, manish657 said:

Can I reinstall the Windows ?

It's not necessary with this ransomware, however you may reinstall Windows if you'd like to. Just be sure to make a backup of your encrypted files first.

 

14 hours ago, manish657 said:

Will my Data be Decrypt whenever the Private Key available ?

There is always a chance that private keys may be released at some point in the future, so we generally recommend keeping a backup of your encrypted files in case decryption is possible at some point in the future.

Share this post


Link to post
Share on other sites

Thanx @GT500 

There is (in C: Drive) so much unnecessary space which I am not able to detect and delete thats why I want to Reinstall Windows.

Your personal ID:
0184Asd374y5ADfyPEdCzaGCjzY49JXD7N2aGZvZyXuXR2bTTB83

I have taken the backup of all the Encrypted Files of .mbed extension. 

Can I reinstall the Windows ?

Will my Data be Decrypt whenever the Private Key available ?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.