Security software maker Kaspersky released on Tuesday (10) a free tool permissive hijacked file recovery fur Yanluowang ransomware. Spread through cyberattacks, this malware has attacked companies around the world, including in Brazil, where it encrypts files, blocks access to systems, and forces victims to pay a ransom to release data.
A nod to the Chinese god of hell Yanluo Wang, Yanlouwang ransomware starts with file encryption manually done by the malicious code operator. The malware does this by changing all extensions to “.yanlouwang”. An open access file is then left as a ransom note.
Usually, hackers make threats saying that if victims go to the police, all files on the infected system will be deleted or exposed immediately. To pay the ransom or notCriminals will continue to blackmail the company with denial of service (DDoS) attacks and threats to plant ransomware on employees’ personal computers.
How to get Kaspersky’s tool to neutralize Yanlouwang ransomware?
Kaspersky experts analyzed the Yanluowang ransomware code and identified a vulnerability that could be used to unlock compromised files. For this, the victim needs to have one or more original files and download the decryption tool. The company is making it available for free to recover data.
According to Fabio Assolini, senior security analyst at Kaspersky in Brazil, “it is becoming increasingly rare to recover files locked by ransomware without having to pay the ransom, so this case is a special case”.
how to use the tool
Kaspersky has added Yanluowang decryptor to its “No Ransom Kaspersky Rannoh Decryptor” tool. To download the tool, simply access the No Ransom website, a project created by Kaspersky to globally share solutions that can neutralize ransomware threats.
Source: Tec Mundo