Sign in to follow this  
ivory

zida ransom

Recommended Posts

Dear sir

I cannot open my file by infected Zida ransomware.
so,  I was run to emsisoft decryptor version 1.0.0.4  for infected my files
But I can not dycryption for my file 
The program message to me as belows.
notice : This id appears to be an online ID, decryption is impossibe
How can I recover my files? 
I'll wait for your fastly reply.
Thanks.

 

 

Share this post


Link to post
Share on other sites
6 hours ago, ivory said:

notice : This id appears to be an online ID, decryption is impossibe

This is a newer variant of STOP/Djvu, and your ID is an online ID there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites

Hi. I appreciate your work very much. I can not tell by words how helpful your work is. Just the fact, that you offer a solution for free is incredible. You repair damages to many peoples lives. Unfortunately my 20+ years of work and personal files were encrypted with an online key. I struggle to remain sane, and I try not to realize how much I have lost. Will there be any chance in the future to decrypt such files? I believe in miracles to some extent, but as I understand, this is a very hopeless situation at the moment. I tried System Restore, data recovery tools, etc.

Share this post


Link to post
Share on other sites
2 hours ago, forzal said:

Will there be any chance in the future to decrypt such files?

If law enforcement is able to catch the criminals or otherwise gain access to their servers and release their private keys for use in decrypters, then we can add them to our database so that everyone can get their files back.

 

2 hours ago, forzal said:

I tried System Restore, data recovery tools, etc.

Unfortunately those methods don't usually work, as the criminals who make the ransomware account for them and try to prevent them.

Share this post


Link to post
Share on other sites
19 hours ago, forzal said:

Thank you for your reply. How about files that I have copies of both in encrypted and in original form as well. Can these be used to reveal the key?

No. Newer variants of STOP/Djvu use RSA keys, which are impervious to most attacks.

Share this post


Link to post
Share on other sites

I hope I'm not bothering you. As I slowly start to understand the nature of this virus and the crime behind it, I keep thinking about solutions. Could the following idea work? A decrypter that goes through all the characters (If I'm not mistaken, the key has a 40 character length, so the number of guesses is almost half as if it were to start from 1 character). A very small jpg file (less than 50kb.) would be used and the decrypter would create copies of all the decrypted jpg files for each key. The user would open the specific directory and search through the thumbnails for the jpg decrypted with the right key. Having the right key, it could be used to decrypt all files. I would even pay for such a decrypter if the idea works.  I know, it would be millions and millions of files, but I think I would have the patience to search manually, and if the created files total size would be more than lets say 100GB, the decrypter would pause and continue upon command.

 

Edit: I just calculated the number of guesses. 64 characters to the 40th is a very huge number :(

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.