Jump to content

Recommended Posts

The OFFLINE KEY is a hard-coded built-in encryption key that is used if the malware failed to get an ONLINE KEY from it's command and control servers while you were online at the time the ransomware encrypted your files. If the malware is able to reach it's command server it will obtain and use a random ONLINE KEY.  

ONLINE KEYs are unique for each victim and randomly generated in a secure manner. That means there is no way to decrypt files if infected with an ONLINE KEY without paying the ransom and obtaining the private keys from the criminals who created the ransomware.

There is more information about ONLINE vs OFFLINE KEYS in the Emsisoft STOP/Djvu Decryptor FAQs:.


Link to post
Share on other sites
On 6/11/2020 at 12:39 AM, Vivekvajha said:

Is there any way that the online ID becomes offline in the future?

No. ID's are set before your files are encrypted, and their only purpose is to identify what private key should be used to decrypt your files. As @quietman7 explained, private keys for online ID's are randomly generated for each infected computer, so they are unique for each infected computer (unlike private keys for offline ID's which are all identical for the same variant of STOP/Djvu).

Since only the criminals have the private keys, and no one else has access to them, there's no way we can decrypt files that have online ID's. The only way that could ever change is if the private keys were released publicly so that we could add them to our database.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...