Saurav

Roger and lockbit ransomware.

Recommended Posts

my system got attacked by ransomware called "roger" and "Lockbit". i was realize very late as i received notification and slow response in system.
i have removed ransomware virus by reinstall windows using recovery disk/
then scanned the whole system by '
kaspersky total security' and 'spyhunter 5' software.

i have tried with all decryptors tool available on kaspersky ransomware tools. Also tried "quick-heal" and "avast" decryptors tool too, but problem was not resolved yet.

Request you to please help me out to solve problem and decrypt my whole data.

Thank you in advance.

Share this post


Link to post
Share on other sites

'Roger' is a variant of Dharma Ransomware.
LockBit and Dharma can appear together because they are distributed with the same ways.
The other day we saw their joint distribution with the same set of exploits.

They use a secure file encryption method. It is impossible to calculate the decryption key with modern computing means.

  • Upvote 1

Share this post


Link to post
Share on other sites

Any Idea how can i get my files back?

Is there any solutions available?

or Any chances to solution available in upcoming days?

 

Share this post


Link to post
Share on other sites

Dharma is distributed since 2016 and only early versions could be deciphered.
LockBit appeared in October 2019, we hope that a decryption method will be found or the keys will be published.

Emsisoft has made many decryption tools, all of them are free. If there is such an opportunity, the decryptor will be published on a special page.

https://www.emsisoft.com/ransomware-decryption-tools/free-download 

Share this post


Link to post
Share on other sites

It isn't going to be possible to decrypt your files without paying the ransom for some time (as Amigo-A said it's already been years). Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future.

We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters:
https://www.bleepingcomputer.com/

If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news:
https://www.bleepingcomputer.com/feed/

Share this post


Link to post
Share on other sites

Help friends, this virus also affected me, I had to format my pc. I tried all the possible tools to decrypt my data and I still have not been able, I have not found anything to help me, this virus is the worst thing that has happened to me. I need to get my files back very urgently. Anyone who knows of any method. Thanks for helping me in the future. The creators of this rasonmware are unaware of the damage they cause to those of us who always work from a pc like us. @Saurav, if you have any way to get your files back I hope you can help me Thanks!

Share this post


Link to post
Share on other sites
18 hours ago, Deianreality said:

Help friends, this virus also affected me, I had to format my pc. I tried all the possible tools to decrypt my data and I still have not been able, I have not found anything to help me, this virus is the worst thing that has happened to me. I need to get my files back very urgently. Anyone who knows of any method. Thanks for helping me in the future. The creators of this rasonmware are unaware of the damage they cause to those of us who always work from a pc like us. @Saurav, if you have any way to get your files back I hope you can help me Thanks!

There's no way to decrypt files that have been encrypted by Dharma without paying the ransom.

  • Confused 1

Share this post


Link to post
Share on other sites
On 9/5/2020 at 9:34 AM, Deianreality said:

Do you recommend that I pay the ransom...

We never recommend giving money to criminals, however we also understand that you need to do what you feel is necessary.

 

On 9/5/2020 at 9:34 AM, Deianreality said:

... do you ensure that they give me the encryption key?

I can't ensure or guarantee anything for the criminals who made/distributed this ransomware.

In most cases they do seem to send a working decrypter and a working private key, however I can't say that this is always the case, and there will always be some risk involved in paying.

Share this post


Link to post
Share on other sites
20 hours ago, Luciano said:

Já tem disponível um programa para arquivos que foram criptografados pelo ROGER.lockBit?

No, there's no way to decrypt files that have been encrypted by the Dharma ransomware (the one that left .ROGER on the end of file names). I don't think we know for certain about LockBit yet, however it doesn't really matter as your files have been encrypted by both.

Tradução fornecida pelo Google:
Não, não há como descriptografar arquivos que foram criptografados pelo Dharma ransomware (aquele que deixou .ROGER no final dos nomes dos arquivos). Acho que ainda não sabemos com certeza sobre o LockBit, no entanto, isso realmente não importa, pois seus arquivos foram criptografados por ambos.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.