Emsisoft Release Free Decryption Tool For AstraLocker And Yashma Ransomware

Share post:

The New Zealand cybersecurity company Emsisoft has released a free decryptor for AstraLocker and Yashma ransomware. Victims can access the tool via the servers of Emsisoft. A detailed procedure on how to use the tool was also provided.

“Be sure to quarantine the malware from your system first, or it may repeatedly lock your system or encrypt files. By default, the decryptor will pre-populate the locations to decrypt with the currently connected drives and network drives. Additional locations can be added using the ‘Add’ button,” warned Emsisoft.

The decryptor provided by Emsisoft allows users to keep files encrypted in the attack as failsafe if the decrypted files are not similar to the original documents.

Emsisoft advised victims whose systems were compromised via Windows Remote Desktop to change the passwords for all user accounts that have permissions to log in remotely. The security company also advised victims to log in remotely and look for other local accounts the ransomware operators might have added.

“The AstraLocker decryptor is for the Babuk-based one using .Astra or .babyk extension, and they released a total of 8 keys. The Yashma decryptor is for the Chaos-based one using .AstraLocker or a random. [a-z0-9] {4} extension, and they released a total of 3 keys,” Emsisoft added.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways