Jump to content

Infected by ransomware gebdp3k7bolalnd4.onion._

Recommended Posts


our user infected by ransomware and encrypt files to extention gebdp3k7bolalnd4.onion._
Eset already install in this computer and updated.



To decrypt your files you need to buy the special software. To recover data, follow the instructions!
You can find out the details/ask questions in the chat:
https://gebdp3k7bolalnd4.onion.to (not need Tor)
https://gebdp3k7bolalnd4.onion.cab (not need Tor)
https://gebdp3k7bolalnd4.onion.nu (not need Tor)

You ID:

If the resource is not available for a long time, install and use the Tor-browser:
1. Run your Internet-browser
2. Enter or copy the address https://www.torproject.org/download/download-easy.html in the address bar of your browser and press key ENTER
3. On the site will be offered to download the Tor-browser, download and install it. Run.
4. Connect with the button "Connect" (if you use the English version)
5. After connection, the usual Tor-browser window will open
6. Enter or copy the address hxxp://gebdp3k7bolalnd4.onion in the address bar of Tor-browser and press key ENTER
7. Wait for the site to load

If you have any problems installing or using, please visit the video tutorial https://www.youtube.com/watch?v=gOgh3ABju6Q


is Eset already detect this ransomware?

Eset have decrypt tools for this ransomware?

i try use https://decrypter.emsisoft.com/cry128 but failed.

plese help

thank you,

Edited by macros
Link to comment
Share on other sites

I also experienced similar things.
All data changed to extension .id_1841168219_gebdp3k7bolalnd4.onion._

And the worst is unfortunately I do not have a backup file

Hopefully Emsisoft can immediately figure out how to decrypt.. :(

Link to comment
Share on other sites

  • 4 weeks later...
  • Administrators

If you have a binary file that encrypted files, please submit it to samples[at]eset.com along with some examples of encrypted files (ideally Office documents).

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...