Jump to content

Featured Replies

Posted

Emsisoft is spoiling ransomware victims this Christmas, as their researcher, Fabian Wosar, has released yet another tool capable of decrypting files locked by ransomware, this time by the Radamant Ransomware Kit (Radamant, in some cases referred to as Ramadant due to incorrect spelling).

 

The tool, called DecryptRadamant, is available via EmsiSoft's website and works exactly like the tools Mr. Wosar released for victims that had their files encrypted by the DecryptorMax and the Gomasom ransomware families.

 

Unlike previous decryption tools, the one for Radamant does not need to analyze and compare an encrypted file with an unencrypted version to extract the decryption key.

 

Mr. Wosar was able to find a weakness in the Radamant ransomware's encryption algorithm, and leveraging this issue, he could create the DecryptRadamant tool to automate the decryption process.

 

Users have to download the tool, run it, go through the license agreement, choose the folders where the ransomware encrypted files, click "Decrypt," and wait.

Depending on how many files the ransomware encrypted, this can take from minutes to more than a day.

 

If you're a ransomware victim but can't tell what ransomware family infected your PC, the clues are generally left in the encrypted file names.

Radamant adds the .RDM file extension to each file it encrypts.

 

If you encounter any problems, there's a support topic on the Bleeping Computer forums, a place where Mr. Wosar often roams and helps ransomware victims.

 

f8682c100776172dbd01dc313e6451ef.jpg

 

f3388fcfff5952de9e94a539912569e1.jpg

 

 

Source:

http://news.softpedia.com/news/radamant-ransomware-decrypted-files-can-be-retrieved-for-free-498070.shtml#sgal_1

76c90dd0e79a714317a8daeecc1584d2.png

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...