yigityzc

Is there any improvement about .rezm encryption?

Recommended Posts

On 3/7/2020 at 4:41 PM, yigityzc said:

Hello, Is there any improvement on decrypting files with .rezm?

This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

 

On 3/7/2020 at 4:41 PM, yigityzc said:

Another question is what is online identity?

If you mean an "online ID", then it means the ransomware was able to connect to its command and control servers. When that happens the command and control servers generate a unique ID, public key, and private key for each computer the ransomware infects. The ID and public key are then sent to the ransomware running on the infected computer, and used during encryption. The private key (required for decryption) is stored in a database and never leaves the command and control server, which is why we can't decrypt files that have an online ID.

Share this post


Link to post
Share on other sites
16 hours ago, saeid.manutd said:

Hello. Does the "online ID" feature remain for ever? Does it change to offline ID by passing of time?

It wouldn't matter if your ID changes. It's just a randomly generated code used to identify your computer so that they know who is paying the ransom. Once your files are encrypted with a public key, nothing can change that until you can use the private key to decrypt them.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.