The number of ransomware attacks reported around the world grew unexpectedly, so cybersecurity firms, ethical hackers and law enforcement agencies have had to increase their efforts increasingly to combat this malicious practice.
Emsisoft is one of the most active firms in the fight against encryption malware, and its researchers are constantly launching new tools to decrypt blocked information with ransomware. This time, the firm has revealed a tool to remove encryption from PwndLocker, a dangerous ransomware variant that has attacked hundreds of public and private companies.
The first reports of this ransomware emerged in late 2019, gaining notoriety for the attack on Lasalle County, Illinois. According to reports, threat actors demanded a ransom of 50 Bitcoin (about $420k USD) from the county in exchange for releasing the information.
During the release of the decryption tool, Emsisoft security team mentioned: “We have resorted to searching for the executable of the ransomware used during a real attack to get the development of the tool”. Even though PwndLocker removes the executable after completing the infection, it is possible to recover it using some specialized tools.
Victims of this ransomware may find the tool available at the following link. It should be remembered that this development is only functional for current versions of PwndLocker, as the developers of the ransomware could update their code as soon as possible.
It may be a problem for affected users to identify the malware variant that has infected them, although this has a solution. No More Ransom is an online platform that helps victims identify what kind of ransomware is present on their systems, as well as providing information about known versions of the malware and whether there is a decryption tool. No More Ransom also provides step-by-step information on the correct use of the tools, so it is vital that ransomware victims come to this site before paying the hackers.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.