Weliton Queiroga 0 Posted May 22, 2019 Share Posted May 22, 2019 (edited) Boa tarde, gostaria de falar a respeito do vírus que recentemente vem tirando o sono de varias pessoas, que é o vírus ransomware que usa criptografia para transformar os todos os tipos comuns de arquivos em arquivos .ferosas. Gostaria de saber, se já estão cientes do vírus e se já está sendo procurada uma solução para isso. Aparentemente os antivírus não identificam os tipos de arquivos que são danificados como vírus. Machine translation: I would like to talk about the virus that has recently been taking the sleep of several people, which is the ransomware virus that uses encryption to turn all common types of files into .file files. I wonder if they are already aware of the virus and whether a solution is already being sought. Antivirus software apparently does not identify the types of files that are damaged as viruses. Edited May 22, 2019 by Marcos Machine translation added Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted May 22, 2019 Administrators Share Posted May 22, 2019 Since this is an English forum, we kindly ask you to post in English. If you don't speak English well, you can use a machine translator. As for your question, the files were most likely encrypted by Filecoder.STOP. Decryption for this variant is not currently possible. Do you have a license for an ESET product? If so, which one and what version have you had installed? Link to comment Share on other sites More sharing options...
itman 1,659 Posted May 22, 2019 Share Posted May 22, 2019 Also a CryptoMix ransomware variant has used the .file extension in encrypting files as noted here: https://www.bleepingcomputer.com/news/security/file-cryptomix-ransomware-variant-released/ . And this article dates to Dec., 2017. It also may be possible to decrypt the files: Quote According to the Technical analysis of CryptoMix/CryptFile2 ransomware by CERT Polska Team there is a cryptographic flaw in encryption and they are sometimes able to decrypt CryptoMix only if files were encrypted with a vulnerable version. You can contact CERT Polska at cert@cert.pl for possible assistance. https://www.bleepingcomputer.com/forums/t/611907/cryptomix-or-crypmix-ransomware-help-topic-revenge-cryptoshield-extensions/?p=4407779 Link to comment Share on other sites More sharing options...
Recommended Posts