Recommended Posts

Dear sir

I cannot open my file by infected Zida ransomware.
so,  I was run to emsisoft decryptor version 1.0.0.4  for infected my files
But I can not dycryption for my file 
The program message to me as belows.
notice : This id appears to be an online ID, decryption is impossibe
How can I recover my files? 
I'll wait for your fastly reply.
Thanks.

 

 

Share this post


Link to post
Share on other sites
6 hours ago, ivory said:

notice : This id appears to be an online ID, decryption is impossibe

This is a newer variant of STOP/Djvu, and your ID is an online ID there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites

Hi. I appreciate your work very much. I can not tell by words how helpful your work is. Just the fact, that you offer a solution for free is incredible. You repair damages to many peoples lives. Unfortunately my 20+ years of work and personal files were encrypted with an online key. I struggle to remain sane, and I try not to realize how much I have lost. Will there be any chance in the future to decrypt such files? I believe in miracles to some extent, but as I understand, this is a very hopeless situation at the moment. I tried System Restore, data recovery tools, etc.

Share this post


Link to post
Share on other sites
2 hours ago, forzal said:

Will there be any chance in the future to decrypt such files?

If law enforcement is able to catch the criminals or otherwise gain access to their servers and release their private keys for use in decrypters, then we can add them to our database so that everyone can get their files back.

 

2 hours ago, forzal said:

I tried System Restore, data recovery tools, etc.

Unfortunately those methods don't usually work, as the criminals who make the ransomware account for them and try to prevent them.

Share this post


Link to post
Share on other sites

Thank you for your reply. How about files that I have copies of both in encrypted and in original form as well. Can these be used to reveal the key?

Share this post


Link to post
Share on other sites
19 hours ago, forzal said:

Thank you for your reply. How about files that I have copies of both in encrypted and in original form as well. Can these be used to reveal the key?

No. Newer variants of STOP/Djvu use RSA keys, which are impervious to most attacks.

Share this post


Link to post
Share on other sites

I hope I'm not bothering you. As I slowly start to understand the nature of this virus and the crime behind it, I keep thinking about solutions. Could the following idea work? A decrypter that goes through all the characters (If I'm not mistaken, the key has a 40 character length, so the number of guesses is almost half as if it were to start from 1 character). A very small jpg file (less than 50kb.) would be used and the decrypter would create copies of all the decrypted jpg files for each key. The user would open the specific directory and search through the thumbnails for the jpg decrypted with the right key. Having the right key, it could be used to decrypt all files. I would even pay for such a decrypter if the idea works.  I know, it would be millions and millions of files, but I think I would have the patience to search manually, and if the created files total size would be more than lets say 100GB, the decrypter would pause and continue upon command.

 

Edit: I just calculated the number of guesses. 64 characters to the 40th is a very huge number :(

Share this post


Link to post
Share on other sites

Your personal ID:
0238yjnkjddrtG9qTndaNZt7T3qatn09pvmQkbwwcFL4pp6ajD3e8

can it decrypt???? I attack with .zida ransomware????? 

I decrypt one file from the criminal cyber attacker. Now I have the both encrypted file and same decrypted file by the criminal. By this can you find the private key???????

Share this post


Link to post
Share on other sites
On 7/4/2020 at 7:19 AM, forzal said:

Edit: I just calculated the number of guesses. 64 characters to the 40th is a very huge number :(

That's correct. It would take even a supercomputer thousands of years to brute force a private key for the STOP/Djvu ransomware.

Share this post


Link to post
Share on other sites
On 7/4/2020 at 7:35 AM, [email protected] said:

i can't able to decrypt myfile as my personal ID:
0238yjnkjddrtjmwXidpfnAUR2OTLd6j1rlmTdEnJyTi6CtCXru2J

This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites
14 hours ago, ZIDA UPSET said:

Your personal ID:
0238yjnkjddrtG9qTndaNZt7T3qatn09pvmQkbwwcFL4pp6ajD3e8

This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

 

14 hours ago, ZIDA UPSET said:

I decrypt one file from the criminal cyber attacker. Now I have the both encrypted file and same decrypted file by the criminal. By this can you find the private key???????

Newer variants of the STOP/Djvu ransomware use RSA keys, which are not vulnerable to most forms of attack.

Share this post


Link to post
Share on other sites

Hi ,

My all filed are infected by zida virus 

and it’s a online ID , any possibility to recover file in future 

 

Share this post


Link to post
Share on other sites
8 hours ago, Saurabh said:

My all filed are infected by zida virus 

and it’s a online ID , any possibility to recover file in future

If law enforcement is able to catch the criminals or otherwise gain access to their servers and release their private keys for use in decrypters, then we can add them to our database so that everyone can get their files back.

Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future.

We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters:
https://www.bleepingcomputer.com/

If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news:
https://www.bleepingcomputer.com/feed/

  • Like 1

Share this post


Link to post
Share on other sites

Hi,

Even I am a victim of .zida ransomware

 

my Personal ID is:  0238yjnkjddrt2ZNqB5U5oVs9HqWsrlc2bu5Nz5d4JTmFhaul7W03

please decrypt my files......

 

Share this post


Link to post
Share on other sites
19 hours ago, Munazir said:

my Personal ID is:  0238yjnkjddrt2ZNqB5U5oVs9HqWsrlc2bu5Nz5d4JTmFhaul7W03

This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.