Comments on: CryptoDefense: The story of insecure ransomware keys and self-serving bloggers https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/ Straight-talking security advice from the Malware Experts Thu, 30 Dec 2021 20:47:12 +0000 hourly 1 By: PlayStation 4 Pro https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/#comment-788390 Tue, 15 Aug 2017 14:11:50 +0000 http://blog.emsisoft.com/?p=6032#comment-788390 PlayStation 4 Pro

[…]The details talked about within the post are a few of the ideal obtainable […]

]]>
By: PitKoz https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/#comment-424192 Wed, 15 Apr 2015 20:03:00 +0000 http://blog.emsisoft.com/?p=6032#comment-424192 …the attack is spreading.. today I got my comp infected and got all archive files encrypted with ransom offer. there is some kind of global action against this attack by Kaspersky.. but even the Tor network address is not available… can you help ? among this are my son pictures… he is not with me anymore…

]]>
By: plundrigan https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/#comment-388102 Sat, 07 Feb 2015 07:41:00 +0000 http://blog.emsisoft.com/?p=6032#comment-388102 Does anyone know if it is possible on the infected computer, to pull the key using data recovery techniques. Does the new CryptoWall 3.0 still create the key in the RSA folder and then delete it?

]]>
By: seba https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/#comment-387635 Fri, 06 Feb 2015 15:35:00 +0000 http://blog.emsisoft.com/?p=6032#comment-387635 Please help to decrypt files infected width CryptoWall 3.0 ???? please help

]]>
By: Matthew Godson https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/#comment-167682 Sat, 28 Jun 2014 01:16:00 +0000 http://blog.emsisoft.com/?p=6032#comment-167682 boot into safe mode by pressing F8 about once per sec during startup..log onto your desktop into safemode. If it asked if you want to continue in safe mode say yes. The go to your control pannel add remove software and uninstall the software if possible. If not go to your start button in the lower right of your screen, then go to program files and see if it is there, if so hold your cursor over it and a new window may appear. If there is an uninstall option click that and try and do an uninstall and reboot. whether or not any suggestions above was completed, before reboot, click the start button, then go to programs, then accessories, the system tools, then system restore, and restore your computer to a time before you installed the progam. I.E. 1 month before. A system checkpoint is usually best and dont worry, no personal files will be lost.

]]>
By: Les virus "Cryptolocker" et "Zeus" sont morts... - Actual-IT.info https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/#comment-148668 Sat, 14 Jun 2014 18:46:03 +0000 http://blog.emsisoft.com/?p=6032#comment-148668 […] Cryptodefense – The story of insecure ransomware […]

]]>
By: musicmugger https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/#comment-115759 Thu, 29 May 2014 12:30:00 +0000 http://blog.emsisoft.com/?p=6032#comment-115759 I have been a paid subscriber with Emsisoft since it’s early A Squared days, and I have always had great support from the company. This is just another example why I continue to remain with them. Thanks for all your hard work guys, it’s much appreciated.

]]>
By: Aris Antonakis https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/#comment-104610 Sat, 24 May 2014 22:09:00 +0000 http://blog.emsisoft.com/?p=6032#comment-104610 Hi there, what about if i have the %appdata/roaming/microsoft/crypto/rsa generated file? Can i extract the public key using this file? And also there is decrypt application to restore infected filew from another computer ? (Not the infected). Thx in advance

]]>
By: dude https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/#comment-75802 Wed, 14 May 2014 07:41:00 +0000 http://blog.emsisoft.com/?p=6032#comment-75802 where do you guys buy bitcoins? (if you live outside the US and need this stuff FAST) it is threatening to delete the keys in the next two weeks!

]]>
By: Tony Chiu https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/#comment-75718 Wed, 14 May 2014 05:58:00 +0000 http://blog.emsisoft.com/?p=6032#comment-75718 In reply to Rolo.

Dear Rob,

After I paid the ransom, and submit the transaction ID, it take almost 10hrs to changed the status, and Yes, I can download the key and start decrypted by files
Until now it decrypted almost 60% of all files

]]>
By: Rolo https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/#comment-73979 Tue, 13 May 2014 09:45:00 +0000 http://blog.emsisoft.com/?p=6032#comment-73979 In reply to Tony Chiu.

Hi @tony_chiu:disqus and @disqus_tZ9C6s74ow:disqus I paid the ransom from Bitstamp yesterday and I was only able to find the transaction ID today which I have submitted on the ransom website over an hour ago. How long did it take until the transaction status changed from ‘not checked’ to something else? I sent an email to the ransom and still no response…

]]>
By: Rolo https://www.emsisoft.com/en/blog/6032/cryptodefense-the-story-of-insecure-ransomware-keys-and-self-serving-bloggers/#comment-73978 Tue, 13 May 2014 09:43:00 +0000 http://blog.emsisoft.com/?p=6032#comment-73978 In reply to Tony Chiu.

Hi

]]>