The threat of ransomware has never been more real. In fact, 2016 was a record year. Here are some scary statistics from the past year put together by the folks at Barkly:
- Nearly 50 percent of organizations have been hit with ransomware
- 56,000 ransomware infections in March 2016, alone
- $209 million was paid to ransomware criminals just in Q1 2016
- The average ransom demand is now $679
If you're reading this, we're guessing you've been hit and you're probably wondering what to do next.
Every strain has its own unique ransom note but the message boils down to the cybercriminals telling you it's your money or your files. It doesn't have to be that way! Security pros are constantly trying to stay a step ahead of threat actors developing the ransomware, but it's a never-ending cycle. That said, there are free decryptors you can try for several different strains.
Not sure which type you've been infected with or don't see it here? Head over to ID Ransomware, upload your ransom note and a sample encrypted file to find out what is known about that particular variant to date. Here is a working list of 100+ free ransomware decryptors that will be updated regularly :
.8lock8
73v3n/73v3n-HONE$T
Agent.iih (Rakhni Decryptor)
Al-Namrood
Alcatraz Locker
Alma
Alpha/AlphaLocker
Apocalypse
ApocalypseVM + Alternative
Aura (Rakhni Decryptor)
AutoIt (Rannoh Decryptor)
AutoLocky
BadBlock + Alternative
Bart
BitCryptor (CoinVault Decryptor)
BitKangoroo
Bitman (Rakhni Decryptor)
BitStak
BTCWare
Cerber V1
Chimera + Alternative
CoinVault
Cryaki (Rannoh Decryptor)
Crybola (Rannoh Decryptor)
CrypBoss
Crypren
Crypt38
Crypt888
CryptInfinite
CryptoDefense
CryptoHost (aka Manamecrypt)
Cryptokluchen (Rakhni Decryptor)
CryptoTorLocker
CryptXXX
CrySIS
CTB-Locker
CuteRansomware
DeCrypt Protect
Democry (Rakhni Decryptor)
Derialock
DMALocker
DMALocker2
DynA-Crypt
Fabiansomware
FenixLocker
Fury (Rannoh Decryptor)
GandCrab
GhostCrypt
Globe/Purge + Alternative
Globelmposter
Gomasom
Harasom
Hidden Tear
HydraCrypt
Jigsaw/CryptoHit + Alternative
KeRanger
KeyBTC
KimcilWare
Lamer (Rakhni Decryptor)
LeChiffre + Alternative
Legion
Linux.Encoder
Lock Screen
Locker
Lortok (Rakhni Decryptor)
Marlboro
Marsjoke aka Polyglot (Rannoh Decryptor)
Merry Christmas/MRCR
Mircop + Alternative
Nanolocker
Nemucod + Alternative
NMoreira
NoobCrypt
ODCODC
OpenToYou
Operation Global III
OzozaLocker
PClock
Petya
Philadelphia
PHP Ransomware
PizzaCrypts
Pletor (Rakhni Decryptor)
Pompous
Popcorn
PowerWare/PoshCoder
Radamant
Rakhni
Rannoh
Rector
Rotor (Rakhni Decryptor)
Scraper
Shade
SNSLocker
SZFlocker
Stampado + Alternative
Telecrypt
TeslaCrypt + Alternative
TM Ransomware
TorrentLocker
UmbreCrypt
Wildfire + Alternative
XORBAT
XORIST + Alternative
BEFORE you attempt to use one of these decryptors, please do your due diligence. All types of ransomware are different and safe decryption is a highly technical process, so it's very important that you know exactly what you're dealing with.
Even though these are great tools, there is no guarantee your ransomware infection can be fixed. You basically have 4 response options after an attack happens.:
- Restore from a recent backup
- Decrypt your files using a 3rd party decryptor
- Do nothing (lose your data)
- Negotiate / Pay the ransom
It is highly recommended that you read through our ransomware hostage rescue manual for a more in-depth explanation of what to do next and more importantly, how to prevent this in the future. If you want to know even more, we recently did a webinar series covering this manual, see the first part here.
Don't be a victim again! Get your Ransomware Hostage Rescue Manual.
Get the most informative and complete hostage rescue manual on Ransomware. This 20-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit with malware like this. You also get a Ransomware Attack Response Checklist and Prevention Checklist. You will learn more about:
- What is Ransomware?
- Am I Infected?
- I’m Infected, Now What?
- Protecting Yourself in the Future
- Resources
Don’t be taken hostage by ransomware. Download your rescue manual now!
Or cut & paste this link in your browser: http://info.knowbe4.com/ransomware-hostage-rescue-manual-0