Good news for the victims of the ZQ Ransomware, security experts at Emisisoft have released a free decryptor tool that allows them to decrypt files for free.
ZQ Ransomware infected users in the US, India, Polland, Brazil and the UK.
The ZQ Ransomware encrypts victim’s files using the Salsa20 and RSA-1024 algorithms. The malware adds the extension “.[w_decrypt24@qq.com].zq” to the encrypted files.
The ransomware drops a ransom note “{HELP__DECRYPT}.txt” on the victims’ machines, it includes payment instructions. Victims can contact operators behind the ransomware sending a message to the email address “w_decrypt24@qq.com”.
“Below the text of the ransom note “All of _our files are encr_pted* to decr_pt them write me to email::w_decrypt24@qq.com
Your key:
[redacted]”
In order to decrypt the files, victims need to provide an encrypted file and original file to decrypt. The Decryptor tool is available at the following link:
https://www.emsisoft.com/decrypter/zq
Below the step by step procedure:
Emsisoft has recently released several tools to help victims of several ransomware, including the CryptoPokemon ransomware, the Planetary Ransomware, the Hacked Ransomware, and the PewDiePie ransomware.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – ransomware, decryptor)
[adrotate banner=”5″]
[adrotate banner=”13″]
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…
The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their…
A cyber attack on Leicester City Council resulted in certain street lights remaining illuminated all…
The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting…
The U.S. Department of State imposed visa restrictions on 13 individuals allegedly linked to the…
This website uses cookies.