Discussion on BadBlock Ransomware and Emsisoft Decryptor Release

[holdum333]

Hi I'm not a expert on these things, but I found this while searching. Don't know if it's any good, but thought I would post it here and get thoughts of the members here!
Move delete or what ever is appropriate.
BadBlock encrypts System Files. Decryptor Released by Emsisoft

 

[RichM]

It's brand new and Emsisoft does have a whole slew of decryptors that now will free most files from
the deadly Crypto Locker and its compadres.
Download a free Emsisoft Decrypter for the latest file encryption ransomware

 

[Neemobeer]

I'm very skeptical these will work. For one, lots of these ransomware malware generate the private key on a server, so you never see it on the wire. When I say "on the wire" I mean some ransomware will generate the private cert client side and transmit it and if your network has network monitoring you can extract the key to decrypt. The only case these descriptors would work is if the authorities had seized the bad guys servers and have access to the private keys.

 

[RichM]

Don't be. On a Linkedin Forum I'm on, an alert shop owner used a new Eset program aimed at
Crypto Locker captured files and effortlessly removed the encryption.

 

[Neemobeer]

It probably doesn't remove the encryption then, it more likely has a file system filter driver that intercepts the encryption process and reverts the file back then. That would be do able.