Thanks to the experts at Emsisoft the victims of the Ims00rry ransomware can decrypt their files for free.
The Ims00rry ransomware used AES-128 algorithm for the encryption process. Unlike most of the ransomware, Ims00rry and doesn’t append an extension to the filenames of the encrypted files. Instead, the ransomware adds the text “—shlangan AES-256—” before the contents of the files. Authors of the malware ask the victim to contact them through the Telegram account @Ims00rybot.
Crooks demands a 50$ ransom worth of Bitcoin to decrypt the files.
Below the text of the ransom note:
I am sorry!!!
My friend. I want to start my own business, but i have no money.
All your files photos, databases, documents and other important are encrypted with strongest encryption and algorithms RSA 4096, AES-256.
If you want to restore your files payment and write to Telegram bot
Price decrypt software is $50.
Attention!!!
Do not rename or move the encrypted files.
Bitcoin wàllet:
1tnZbveCXmqRS1gfZSxztG5MbdJhptaqu
Contact Telegram bot:
@Ims00rybot
Emsisoft release the detailed usage guide for the decryptor that is available here.
In May Emsisoft experts released free Decrypter tools for other threats, the JSWorm 2.0 and GetCrypt.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – ransomware, malware)
[adrotate banner=”5″]
[adrotate banner=”13″]
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by…
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
This website uses cookies.