Malware of this type could encrypt more files or infect other computers connected to a local network. It is strongly recommended not to pay the attackers because they might not provide a decryption tool.Īlso, victims should eliminate ransomware as soon as possible. The only way to recover files without paying a ransom is to restore them from a backup. There is no third-party tool that can decrypt files encrypted by Extortionist ransomware.
That file should not be lost because without it, victims will not be able to restore files. The "Decrypt-me.txt" text file instructs victims to send the "prvkey*.txt.key" file that can be located in "C:\ProgramData\" folder (this folder could be located in another drive) to or email.
Screenshot of a message encouraging users to pay a ransom to decrypt their compromised data: Extortionist is part of the ransomware family called VoidCrypt. For example, it renames " 1.jpg" to " " 2.jpg" to " it creates the " Decrypt-me.txt" file containing instructions on how to contact the attackers. Extortionist ransomware encrypts files and appends the email address, a string of ransom characters, and the ".
0 kommentar(er)
