Avast launches four new ransomware decryptors

2 minute read

Home » News » Avast launches four new ransomware decryptors

The rise of ransomware has given a whole new world of meanings to cyber threat. It’s now one of the dangerous malware forms in that it locks users out of their computer and important files using robust encryption tools. Unless you pay the amount demanded by attackers, you’ll have to look for other ways to recover your data. Fortunately, some of the major security vendors got your back with free decryption tools.

One such security firm is Avast, which recently released four new free tools to decrypt various types of ransomware. The company expanded its roster of decryptors for the new ransomware strains: Alcatraz Locker, CrySiS, Globe, and NoobCrypt. Avast is offering these tools free of charge. So the next time you’re hit with any of these ransomware attacks, check out Avast’s decryptors to retrieve your computer files.

Alcatraz Locker

The Alcatraz Locker ransomware first surfaced in November of this year. The ransomware is so called because of the eponymous extension name it appends to files it encrypts. But Alcatraz Locker is not like the typical ransomware in that it does not discriminate target files. That means the ransomware locks any file it can find in the victim’s computer. The ransomware targets only files in the %PROFILES% directory to avoid damaging the operating system, according to Avast.

Avast also belied the ransomware’s lock-screen message that says it uses the AES-256 encryption with a 128-bit password, noting that the password actually uses 128 bytes, not 128 bits. Alcatraz Locker then adds another layer of encryption to the locked files using BASE64.

Alcatraz Locker usually asks victims to pay 0.3283 Bitcoin, or roughly $240, to recover their files. With Avast’s new decryptor, it’s now free to retrieve your precious documents.

CrySiS

CrySiS has begun to infect computers in September 2015 using AES and RSA algorithms for encryption. Unlike other ransomware strains that contain a list of specific target files, CrySiS instead contains a list of files it won’t encrypt.

Globe

Globe started its operation in August 2016. The ransomware is written in Delphi and can be modified, thus the rise of many of its variants that uses various extensions to lock files. What is interesting about this ransomware, according to Avast, is the built-in debug mode. Globe uses RC4 or BlowFish encryption to lock documents.

NoobCrypt

Avast first spotted the NoobCrypt strain in July of this year. It is written in C# and uses AES256 encryption. The ransomware displays a confusing mix of messages: It requests payments in New Zealand Dollars, but also instructs victims to send payments to a Bitcoin address. Although NoobCrypt has a legit unlock code to decrypt files, Avast’s NoobCrypt decryption tool can now unlock all known NoobCrypt versions.

Discussions

Next up

3 best numerical computing environment tools for professionals

Vladimir Popescu avatar. By: Vladimir Popescu
Less than a 1 minute read

In order to create complex projects that involve large mathematical equations and calculations, it is recommended that you use specialized software to do so. Fortunately […]

Continue Reading

Are you sure you want to add remove or change a mail account? [FIX]

Alexandra Miu avatar. By: Alexandra Miu
2 minute read

Are you sure you want to add, remove or change a mail account message can sometimes appear while using the Mail app. If this happens,  […]

Continue Reading

Invisible block glitch in Minecraft [INSTANT FIX]

Vladimir Popescu avatar. By: Vladimir Popescu
3 minute read

A wide number of Minecraft player have reported encountering a glitch that makes blocks invisible. Whenever this happens, the game doesn’t allow the player to […]

Continue Reading