Researchers at Emsisoft developed a decryptor for the Planetary Ransomware family that could allow victims to decrypt their files for free.
Good news for the victims of the Planetary Ransomware, security firm Emsisoft has released a decryptor that allows victims to decrypt their files for free.
The name Planetary ransomware comes from the use of the names of planets for the extensions the malicious code adds to the file names of encrypted files (i.e. .mira, .yum, .Pluto, or .Neptune)
The latest variant of the Planetary malware appends the .mira extension to the names of the encrypted files. The name is a fictitious planet name mentioned in the Xenoblade Chronicles X video game.
Victims of the ransomware need to have a copy of the ransom note created when their systems were infected. The ransom note, named !!!READ_IT!!!.txt, is created in each folder that contains files encrypted by the threat and on of course on the desktop.
Decryption is very simple, victims have to download the decrypt_Planetary.exe program from the following link:
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.