Jump to content

Encrypted files advice


Recommended Posts

Hello.

I've created a topic last week about a friend who had their files encrypted by a ransomware.

Later, I found out that the files were encrypted using an online key and decryption is impossible.

Now, they want me to format their PC so they can at least have a clean system to start over, but they also want me to save the encrypted files.

Is it ok for me to save them? I'll copy them to an external HDD and move them back to their PC when I'm done.

I've ran Malwarebytes a couple times and the system seems clean.

Thanks for the help!

Link to comment
Share on other sites

The encrypted files themselves are not infectious or anything.

It's always recommended to archive encrypted files in that case in hopes of something changing in the future; unfortunately with STOP Djvu and the new variants with online keys, your only chance will be if the criminals are caught and their private RSA keys seized by law enforcement.

Link to comment
Share on other sites

On 3/11/2020 at 8:32 PM, Demonslay335 said:

The encrypted files themselves are not infectious or anything.

It's always recommended to archive encrypted files in that case in hopes of something changing in the future; unfortunately with STOP Djvu and the new variants with online keys, your only chance will be if the criminals are caught and their private RSA keys seized by law enforcement.

Yeah, these online keys really suck... I do hope they manage to arrest the criminals, those files meant a lot to my friend...

Anyway, thanks for the info. I've saved their files and filed a report as well.

Link to comment
Share on other sites

  • 2 months later...
On 3/12/2020 at 7:32 AM, Demonslay335 said:

The encrypted files themselves are not infectious or anything.

It's always recommended to archive encrypted files in that case in hopes of something changing in the future; unfortunately with STOP Djvu and the new variants with online keys, your only chance will be if the criminals are caught and their private RSA keys seized by law enforcement.

Hi, I just want to know if there were any circumstances before that the criminals were actually caught and the key for online ID was retrieved?

Link to comment
Share on other sites

16 hours ago, nadine021 said:

Hi, I just want to know if there were any circumstances before that the criminals were actually caught and the key for online ID was retrieved?

It hasn't happened for the STOP ransomware, however there have been cases of it happening with other ransomwares. There have also been cases where criminals have decided to quit making/distributing ransomware, and have released their private keys themselves (keep in mind that this is rare).

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...