As with GOG, malware such as Erebus, OpenToYou, EdgeLocker, and many others, also encrypt files and make ransom demands. GOG shares many similarities with dozens of other ransomware-type viruses. Screenshot of a message encouraging users to pay a ransom to decrypt their compromised data: Therefore, the only solution is to restore your files/system from a backup. There are currently no tools capable of cracking RSA-4096 cryptography and restoring files compromised by GOG ransomware. It is highly probable that paying will not deliver any positive result - you will simply be scammed. Never pay any ransom or attempt to contact these people. Research shows that these people often ignore victims, despite payments made. In any case, never trust cyber criminals. If the ransom is not paid within the time frame, the private key is permanently deleted and decryption becomes impossible. 3 Bitcoin (approximately $305), however, it is also stated that payment must be submitted within a certain time frame (which is not specified), otherwise the price will double.
To submit payment, victims must follow the instructions provided on GOG's website (link provided in the ransom-demand message). RSA-4096 is an asymmetric encryption algorithm and, thus, public (encryption) and private (decryption) keys are generated during the encryption process.ĭevelopers store the private key on a remote server and generate revenue by selling it to victims. Unfortunately, this information is accurate. The message states that files are encrypted using asymmetric cryptography and that they can only be restored using a unique private key. The file contain a ransom-demand message. Following successful encryption, GOG changes the desktop wallpaper and creates a text file (" DecryptFile.txt"), placing it on the desktop. L0CKED" extension to the name of each file.įor example, " sample.jpg" is renamed to " 0CKED". GOG is ransomware-type malware designed to encrypt files using RSA-4096 cryptography.
0 kommentar(er)
