Avast launches four new ransomware decryptors

jayar.decenella@gmail.com' By: Jay Decenella
2 minute read

The rise of ransomware has given a whole new world of meanings to cyber threat. It’s now one of the dangerous malware forms in that it locks users out of their computer and important files using robust encryption tools. Unless you pay the amount demanded by attackers, you’ll have to look for other ways to recover your data. Fortunately, some of the major security vendors got your back with free decryption tools.

One such security firm is Avast, which recently released four new free tools to decrypt various types of ransomware. The company expanded its roster of decryptors for the new ransomware strains: Alcatraz Locker, CrySiS, Globe, and NoobCrypt. Avast is offering these tools free of charge. So the next time you’re hit with any of these ransomware attacks, check out Avast’s decryptors to retrieve your computer files.

Alcatraz Locker

The Alcatraz Locker ransomware first surfaced in November of this year. The ransomware is so called because of the eponymous extension name it appends to files it encrypts. But Alcatraz Locker is not like the typical ransomware in that it does not discriminate target files. That means the ransomware locks any file it can find in the victim’s computer. The ransomware targets only files in the %PROFILES% directory to avoid damaging the operating system, according to Avast.

Avast also belied the ransomware’s lock-screen message that says it uses the AES-256 encryption with a 128-bit password, noting that the password actually uses 128 bytes, not 128 bits. Alcatraz Locker then adds another layer of encryption to the locked files using BASE64.

Alcatraz Locker usually asks victims to pay 0.3283 Bitcoin, or roughly $240, to recover their files. With Avast’s new decryptor, it’s now free to retrieve your precious documents.

CrySiS

CrySiS has begun to infect computers in September 2015 using AES and RSA algorithms for encryption. Unlike other ransomware strains that contain a list of specific target files, CrySiS instead contains a list of files it won’t encrypt.

Globe

Globe started its operation in August 2016. The ransomware is written in Delphi and can be modified, thus the rise of many of its variants that uses various extensions to lock files. What is interesting about this ransomware, according to Avast, is the built-in debug mode. Globe uses RC4 or BlowFish encryption to lock documents.

NoobCrypt

Avast first spotted the NoobCrypt strain in July of this year. It is written in C# and uses AES256 encryption. The ransomware displays a confusing mix of messages: It requests payments in New Zealand Dollars, but also instructs victims to send payments to a Bitcoin address. Although NoobCrypt has a legit unlock code to decrypt files, Avast’s NoobCrypt decryption tool can now unlock all known NoobCrypt versions.

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading

Discussions