Mavincenzi 0 Posted January 20, 2020 Report Share Posted January 20, 2020 Hi guys, I was victim from this threat yesterday, looks like I've an offline ID, since all my files (.nosu) got a copy of a _readme text file with the default threat text. My Personal ID is: 0197nTsddtILma34zZGXbDA6Ml7mOe2NwGX3EIFGZmWHWSiyI What should I do? Can you guys help me? _readme.txt Quote Link to post Share on other sites
Kevin Zoll 309 Posted January 20, 2020 Report Share Posted January 20, 2020 Hello , Thank you for contacting Emsisoft Support. The ID you supplied is an online ID, meaning that the files cannot be decrypted. An online ID means that your encryption key was generated and stored on a command & control server under the control of the ransomware gang responsible for encrypting your files. There is more information available at the following link: Quote Link to post Share on other sites
Mavincenzi 0 Posted January 20, 2020 Author Report Share Posted January 20, 2020 Is it possible to do something with the encrypted file and its original file to help? Like a reverse engineering? Quote Link to post Share on other sites
Kevin Zoll 309 Posted January 20, 2020 Report Share Posted January 20, 2020 No it is not feasible to reverse engineer the encryption key. Even if we had the world's most powerful super computer at our disposal it would not be able to crack the encryption algorithm anytime in the next couple hundred thousand years. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.