The threat of ransomware has never been more real. In fact, 2016 was a record year. Here are some scary statistics from the past year put together by the folks at Barkly:
- Nearly 50 percent of organizations have been hit with ransomware
- 56,000 ransomware infections in March 2016, alone
- $209 million was paid to ransomware criminals just in Q1 2016
- The average ransom demand is now $679
If you're reading this, we're guessing you've been hit and you're probably wondering what to do next.
Every strain has its own unique ransom note but the message boils down to the cybercriminals telling you it's your money or your files. It doesn't have to be that way! Security pros are constantly trying to stay a step ahead of threat actors developing the ransomware, but it's a never-ending cycle. That said, there are free decryptors you can try for several different strains.
Not sure which type you've been infected with or don't see it here? Head over to ID Ransomware, upload your ransom note and a sample encrypted file to find out what is known about that particular variant to date. Here is a working list of 100+ free ransomware decryptors that will be updated regularly :
- .777
- .8lock8
- 73v3n/73v3n-HONE$T
- Agent.iih (Rakhni Decryptor)
- Al-Namrood
- Alcatraz Locker
- Alma
- Alpha/AlphaLocker
- Apocalypse
- ApocalypseVM
- Alternative
- Aura (Rakhni Decryptor)
- AutoIt (Rannoh Decryptor)
- AutoLocky
- BadBlock
- Alternative
- Bart
- BitCryptor (CoinVault Decryptor)
- BitKangoroo
- Bitman (Rakhni Decryptor)
- BitStak
- BTCWare
- Cerber V1
- Chimera
- Alternative
- CoinVault
- Cryaki (Rannoh Decryptor)
- Crybola (Rannoh Decryptor)
- CrypBoss
- Crypren
- Crypt38
- Crypt888
- CryptInfinite
- CryptoDefense
- CryptoHost (aka Manamecrypt)
- Cryptokluchen (Rakhni Decryptor)
- CryptoTorLocker
- CryptXXX
- CrySIS
- CTB-Locker
- CuteRansomware
- DeCrypt Protect
- Democry (Rakhni Decryptor)
- Derialock
- DMALocker
- DMALocker2
- DynA-Crypt
- Fabiansomware
- FenixLocker
- Fury (Rannoh Decryptor)
- GandCrab
- GhostCrypt
- Globe/Purge
- Alternative
- Globelmposter
- Gomasom
- Harasom
- Hidden Tear
- HydraCrypt
- Jigsaw/CryptoHit
- Alternative
- KeRanger
- KeyBTC
- KimcilWare
- Lamer (Rakhni Decryptor)
- LeChiffre
- Alternative
- Legion
- Linux.Encoder
- Lock Screen
- Locker
- Lortok (Rakhni Decryptor)
- Marlboro
- Marsjoke aka Polyglot (Rannoh Decryptor)
- Merry Christmas/MRCR
- Mircop
- Alternative
- Nanolocker
- Nemucod
- Alternative
- NMoreira
- NoobCrypt
- ODCODC
- OpenToYou
- Operation Global III
- OzozaLocker
- PClock
- Petya
- Philadelphia
- PHP Ransomware
- PizzaCrypts
- Pletor (Rakhni Decryptor)
- Pompous
- Popcorn
- PowerWare/PoshCoder
- Radamant
- Rakhni
- Rannoh
- Rector
- Rotor (Rakhni Decryptor)
- Scraper
- Shade
- SNSLocker
- SZFlocker
- Stampado + Alternative
- Telecrypt
- TeslaCrypt
- Alternative
- TM Ransomware
- TorrentLocker
- UmbreCrypt
- Wildfire
- Alternative
- XORBAT
- XORIST
- Alternative
BEFORE you attempt to use one of these decryptors, please do your due diligence. All types of ransomware are different and safe decryption is a highly technical process, so it's very important that you know exactly what you're dealing with.
Even though these are great tools, there is no guarantee your ransomware infection can be fixed. You basically have 4 response options after an attack happens.:
- Restore from a recent backup
- Decrypt your files using a 3rd party decryptor
- Do nothing (lose your data)
- Negotiate / Pay the ransom
It is highly recommended that you read through our ransomware hostage rescue manual for a more in-depth explanation of what to do next and more importantly, how to prevent this in the future. If you want to know even more, we recently did a webinar series covering this manual, see the first part here.
Don't be a victim again! Get your Ransomware Hostage Rescue Manual.
Get the most informative and complete hostage rescue manual on Ransomware. This 20-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit with malware like this. You also get a Ransomware Attack Response Checklist and Prevention Checklist. You will learn more about:
- What is Ransomware?
- Am I Infected?
- I’m Infected, Now What?
- Protecting Yourself in the Future
- Resources
Don’t be taken hostage by ransomware. Download your rescue manual now!
Or cut & paste this link in your browser: http://info.knowbe4.com/ransomware-hostage-rescue-manual-0
