Sign in to follow this  
saerdib

Should we expect any hope for online id ( Maas )

Recommended Posts

imagine that all my 2 TB hard disk which contains very valuable data ( personal and work files , accounts ) has gone forever , it costs me more than 15 years of work , time and efforts so it can't be Compensable , unfortunately , I don't had any backup of them in the time the ransomware attacked me .  this ransomware is a nuisance for sure , besides , This had very bad consequences for my work

all that hapened because of new stop / djvu using AES encryption with online id and ( MAAS ) extension

My personal ID:
0239yjnkjddrtlOcGx5NH5gOrcJIXbn3gCiG8v5yNjLYxBCEn50jq

Therefore, this should be considered a very major crime in the world aimed at stealing and destroying private files for others and infringing on their privacy and property and negatively affecting their work and their lives.
 
we always get this disappointing replay :  " Notice: this ID appears to be an online ID, decryption is impossible "  OR  "This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files "  OR  "Invalid file pair; file encrypted by newer version of STOP Djvu"
 
I hope and ask you that your company communicate and cooperate, through the exchange and providing of information and experiences, with all the relevant governmental and security institutions and organizations , law enforcement and security agencies in the world and even the international police and Interpol to search for these criminals and punish them severely due to the severe damage they caused to individuals , institutions and companies , And the email addresses of these criminals ( mainsained in the ransom note text ) must be tracked and accessed in any way to catch them and obtain the unique decryption keys they own and add these keys to the decrypting tool which you already have.
at least find any way to get access to the servers of these criminals and get the personal keys they have .
This is the only and final solution to decrypt all data that uses online encryption caused by ransomware.
Do you agree with me ? I think that you really do so , but I need your reassurance .
we must Not pay the ransom or contact the hackers , we shouldn't encourage these bad hackers . that is right , of course , we all agree on this point , but do you have any alternative solution if you don't catch these hackers .
is that really happen ? so we can hear good news in the near future and decrypt all online ID / Encrypted files .
should I keep all my encrypted files in a safe place or leave them as they are in the same hard disk , or format my hard disk and forget them ( Very painful choice ) ?
Note : recovery software couldn't recover my data successfully , the recovered data are overwritten by ransomware and became corrupted and damaged .
thank you for your concern .
best regards
 

 

 

Share this post


Link to post
Share on other sites
9 hours ago, saerdib said:

stop / djvu using AES encryption

This ransomware doesn't use AES encryption. It uses Salsa20 encryption with RSA keys.

 

9 hours ago, saerdib said:

I hope and ask you that your company communicate and cooperate, through the exchange and providing of information and experiences, with all the relevant governmental and security institutions and organizations , law enforcement and security agencies in the world and even the international police and Interpol to search for these criminals ...

We communicate and cooperate with any legitimate organizations, companies, security researchers/analysts, and law enforcement agencies who wish to work with us in the analysis of ransomware and the criminals behind it.

 

9 hours ago, saerdib said:

we always get this disappointing replay :  " Notice: this ID appears to be an online ID, decryption is impossible "  OR  "This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files "  OR  "Invalid file pair; file encrypted by newer version of STOP Djvu"

That's because those are the facts. Of course we wish that wasn't the case, as we detest criminal activities such as ransomware, however we're limited by the fact that RSA keys are impervious to most forms of attack, In most cases there really is nothing we can do.

 

9 hours ago, saerdib said:

at least find any way to get access to the servers of these criminals and get the personal keys they have .

At this point that will probably only happen if the criminals make a mistake, or if law enforcement is able to seize their server.

Share this post


Link to post
Share on other sites

I'd like to great and thank each one of your team for your efforts and concern .

are we going to hear any good news about decrypting Maas extension with online ID ?

As , your company is promising and considered the specialist one in the field of stop/DJVU ransomware solution

and due to all coaporation and working together with other security , well-known anti-virus companies , law enforcement and anti-ransowware sites ... ext

I just need to learn if there any developments or changes , whatever , to decrypt my files one day .

it would be my dream and everyone's happy day when this disapointing messege is gone "This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files " and "Notice: this ID appears to be an online ID, decryption is impossible "

should we expect that if "law enforcement couldn't arrests the criminals and releases their database of private keys for inclusion in decryption tools " so in this case , that means my files are gone forever and I should forget them .

My personal online ID :

0239yjnkjddrtlOcGx5NH5gOrcJIXbn3gCiG8v5yNjLYxBCEn50jq

thanks a lot

Best regards

 

Share this post


Link to post
Share on other sites
6 hours ago, saerdib said:

I just need to learn if there any developments or changes , whatever , to decrypt my files one day .

Newer variants of the STOP/Djvu ransomware use RSA keys, which are impervious to most forms of attack.

 

7 hours ago, saerdib said:

should we expect that if "law enforcement couldn't arrests the criminals and releases their database of private keys for inclusion in decryption tools " so in this case , that means my files are gone forever and I should forget them .

Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future.

We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters:
https://www.bleepingcomputer.com/

If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news:
https://www.bleepingcomputer.com/feed/

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.