Business and personal security solutions provider Emsisoft has released a ‘decryption tool’ which, the team claims, offers a completely free and comprehensive solution for systems affected by the crypto-hungry WannaCryFake ransomware.
WannaCryFake takes its namesake from the infamous 2017 WannaCry series of ransom attacks, and as such is similar in its concept and approach. Once infected, the malicious software overtakes its target system and encrypts it’s files using AES-256.
Once in complete control, the user is given an ultimatum: to either pay the attacker a customised value in Bitcoin within a set period of time, or face incremental price hikes until a final deadline – at which point the files are rendered unusable.
At the end of the message, the attacker delivers a stern warning…
- Do not rename encrypted files.
- Do not try to decrypt your data using third party software, it may cause permanent data loss.
- Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.
“DO NOT PAY the ransom… under no circumstances should you attempt to make contact [with the attacker]”“Jared” from Emsisoft
Whilst Emsisoft makes its money from a range of commercial products aimed at individuals and enterprise users, the company provides a range of ‘decryption’ tools for ransomware and other malware which are all free of charge.
Cryptocurrency is a highly popular choice amongst fraudsters and extorters due to the fact that it cannot be nullified through traditional centralized finance systems – nor can the perpetrators identity be as easily identified.
At the same time, the distributed ledger technologies make transactions many decentralized tokens incredibly easy to track due to the public nature of their blockchains (Bitcoin, Ethereum, etc).
Whilst there are services like ‘tumbling’ to help anonymise identities, trading public chain tokens is the downfall of many a criminal.