Decrypme Ransomware Description
The .decrypme ransomware is a new variant of the infamous MedusaLocker Ransomware. However, it comes with a new extension added to affected data - .decrypme – which is now joining the lines of older appendices such as .bomber, .locker16, .skynet, .boroff, .breakingbad, etc.
In accordance with older MedusaLocker attacks, the new Decrypme ransomware is likely to apply a strong AES encryption algorithm in order to encrypt the targeted user’s data, and then use a public RSA-2048 key to encrypt the encryption key. The crooks in charge of Decrypme use the crypto-virus to encrypt dozens of popular file types, including documents and multimedia files in particular.
The Ransom Note
Unlike older MedusaLocker threats whose ransom note was dubbed 'HOW_TO_RECOVER_DATA.html,' the Decrypme Ransomware note bears a slightly modified name – 'HOW_TO_OPEN_FILES.html.' Nevertheless, there’s little to no difference between the two notes. Here’s the text of the Decrypme Ransomware ransom note:
'All your data are encrypted!
Your files are encrypted, and currently unavailable.
You can check it: all files on you computer has new expansion.
By the way, everything is possible to recover (restore), but you need to buy a unique decryptor. Otherwise, you never cant return your data.
For purchasing a decryptor contact us by email:
If you will get no answer within 24 hours contact us by our altemate emails: decodet-83540gcock.li
Its just a business. If we do not do our work and liabilities - nobody will not cooperate with us.
To verify the possibility of the recovery of your files we can decrypted 1 file for free.
Attach 1 file to the letter (no more than 10Mb). Indicate your personal ID on the letter:
C941)9E11FDA491C4EE47SAS,9605C7SEE4E01S3C581C48,EA:CF192213CSOKDDSOBE.C8468F1FC44C4C7.789AZIFSSA9SC93C7C41SS0680PFAFIAAAAA44F7C6A SO4S, 'ISF 39531E.' 3.87 31X1D8.- -SCSFFA 422675, :489F37 6FE1D28, 20F78C89 ECA3CF9EX- 8F09F4A 8E992AE27•' • BCFXD3
- Attempts of change files by yourself will result in a loose of data.
- Our e-mail can be blocked over time. Write now, loss of contact with us will result in a loose of data.
- Use any third party software for restoring your data or antivirus solutions will result in a loose of data.
- Decryptors of other users are unique and will not fit your files and use of those will result in a loose of data.
- If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key.'
The Decrypme Ransomware hit the headlines in late-October 2019. Even though security researchers have yet to devise a decryption tool for infected users, dozens of AV programs have already been brought up-to-date so as to detect this threat.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to Decrypme Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.