0

I've spent several hours searching the internet to see if anyone has cracked this encryption yet, but without any luck. I don't want to reward criminals for their activity, but I do have a few files that I absolutely need. Besides finding a decryptor or paying the ransom, do I have any other options for recovering my files? I have been able to successfully restore a couple of systems from backups, but my personal system wasn't backed up and has temporarily housed important files.

I'm somewhat familiar with best practices of backing up important files and/or saving to the cloud, but I will definitely be more vigilant in the future. It was mostly due to the 'it will never happen to me' mindset.

Relevant information:

  • I've identified how they got in, and have reset the password on that account (and all other accounts just in case).
  • I did have malware bytes and sophos installed. Looking at the Event Viewer, there are logs of both of these software being successfully uninstalled.
  • The files are renamed like this: originalFileName.orig.[8-digit-hex].[ruthlessencry@qq.com].makop
  • The ransom note file says to contact them at ruthlessencry@qq.com to pay them in bitcoins.
  • They'll decrypt a couple of files for free, and then send me a scanner-decoder program after being paid.
lancew
  • 101
  • 1
  • 3
    Does this answer your question? [Help! Ransomware encrypted my files. What do I do now?](https://security.stackexchange.com/questions/225873/help-ransomware-encrypted-my-files-what-do-i-do-now) – user Jun 03 '20 at 19:33
  • I did see that. I'm hoping (against reason) that somehow somebody knows something about makop that I've been unable to find. – lancew Jun 03 '20 at 19:37
  • Unfortunately you know enough to answer your question. Unless you find a decryptor you're due to gauge the value of your data and whether you can loose it. – Pedro Jun 03 '20 at 22:01

0 Answers0