Emsisoft released a new free decryption tool for the Avest ransomware

September 27, 2019  By Pierluigi Paganini


Emsisoft security firm has released a new free decryption tool for the Avest ransomware, a few days after the release of WannaCryFake decryptor.

Emsisoft security firm has released a new free decryption tool for the Avest ransomware, a few days ago the researchers also released a free decryptor for the WannaCryFake ransomware.

The Avest ransomware encrypts victim’s files and appends the extension “.ckey().email().pack14” to the filename.

Below the text of the ransom note “!!!Readme!!!Help!!!.txt” that the ransomware drops on the infected systems:

"Problems with your data? Contact us: data1992@protonmail[.]com key: <victim specific>”

The decryption tool could be used by the victims only after they have successfully removed the malware from their system to avoid that the Avest ransomware will repeatedly lock the machine or will encrypt files.

“The decryptor requires access to a file pair consisting of one encrypted file and the original, unencrypted version of the encrypted file to reconstruct the encryption keys needed to decrypt the rest of your data.” reads the user guide published by Emsisoft. “Please do not change the file names of the original and encrypted files, as the decryptor may perform file name comparisons to determine the correct file extension used for encrypted files on your system.”

Victims of the Avest ransomware can download the decryptor tool here:

https://www.emsisoft.com/ransomware-decryption-tools/avest

In August, security researchers at Emsisoft released a decryptor tool that allows the victims of the JSWorm 4.0 ransomware to decrypt their files for free. In May Emsisoft experts released a free Decrypter tool for the JSWorm 2.0 variant.

In July the company released other free decryptors for the LooCipher ransomware, the ZeroFucks ransomware, and the Ims00rry ransomware.

Pierluigi Paganini

(SecurityAffairs – Avest ransomware, hacking)



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Sponsored Content

  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Sponsored Content

  • Sponsored Content

  • Sponsored Content



More Story

DoorDash Data Breach exposes data of approximately 5 million users

 DoorDash is a San Francisco–based on-demand food delivery service, the company confirmed it has suffered a data breach...