Decrypt Files Encrypted by HiddenTear Ransomware Variants - How to, Technology and PC Security Forum | SensorsTechForum.com
THREAT REMOVAL

Decrypt Files Encrypted by HiddenTear Ransomware Variants

OFFER

SCAN YOUR PC
with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by HiddenTear and other threats.
Threats such as HiddenTear may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy

password-header-stforumEDA2, BankAccountSummary, Mireware, 8lock8 – these are just some of the variants which root from the massive HiddenTear ransomware project. The viruses encrypt the files of compromised computers, leaving the user with no option but to pay ransom money to the cyber-crooks behind them to restore 100 percent access to the files. However, now, there has been a decryptor developed by the researchers demonslay335 and Michael Gilespie for all the HiddenTear variants, and what is even better is that it is free. Since many users may experience difficulties or hic-ups while removing these viruses and decrypting their files, we have decided to prepare detailed instructions on how to decode your files the proper way.

HiddenTear Ransomware Variants – Quick Overview

The HiddenTear is a ransomware project that was created by a Turkish coder, named Utku Sen, who has published it as an open source project online. This is an opportunity for most black hat coders because it does not take much skill to take the source code and restructure it into malware and then create the payload for it. This probably how the many variants of HiddenTear appeared online:

The many variants replicated globally via spam campaigns, infecting users and leaving them a very limited choice on what to do. Fortunately, now that there has been a decryptor released, named HiddenTear Bruteforcer, the files encoded by this virus can now be decoded for free.

HiddenTear Ransomware Variants – Decoding Instructions

The file-decryption process of HiddenTear ransomware is not as difficult, but you need to be prepared and do it from a safe computer that is powerful. Let’s begin!

Step 1: Download the HiddenTear BruteForcer by clicking on the button below and open the archive:

Download

HiddenTear Bruteforcer


1-hidden-tear-bruteforcer-download-sensorstechforum

Step 2: Extract the program onto your Desktop or wherever you feel comfortable to easily access it and open it as an administrator:

2-hidden-tear-bruteforcer-extract-sensorstechforum

Step 3: After opening it, you should see the main interface of the brute force. From there, choose “Browser Sample” to select a sample encrypted file of the type of ransomware you are trying to decrypt:

3-Hiddentear-sensorstechforum-bruteforcer-main-panel

Step 4: After this select the type of ransomware from the down-left expanding menu:

4-hidden-tear-choose-ransowmare-variant-sensorstechforum

Step 5: Click on the Start Bruteforce button. This may take some time. After the brute forcing is finished and the key is found, copy it and save it somewhere on your PC in a .txt file, you will need it later.

Step 6: Download the HiddenTear Decryptor from the download button below:

Download

HiddenTear Decrypter

Step 7: Extract it and open it, the same way with HiddenTear Bruteforcer. From it’s primary interface, paste the key copied from the BruteForcer, write the type of extension being used by the ransomware and click on the Decrypt button as shown below:

5-hiddentear-decrypter-password-decrypt-sensorstechforum

After these steps have been completed, you should immediately copy your files to an external device so that they are safe. After this has been done, we strongly recommend completely wiping your drives and reinstalling Windows on the affected machine.

HiddenTear Decryption – Conclusion

Viruses like the HiddenTear variants are becoming more and more common. Researchers, publish many projects online with the goal to stop ransomware, but this represents an opportunity to coders that develop ransomware and either start infecting users with it or put it up for sale in the deep web. With the expanding of ransomware variants lately, we predict seeing even more infected systems than the year 2015. This is why we advise you to follow our recommendations for securing your computer below:

Advice 1: Make sure to read our general protection tips and try to make them your habit and educated others to do so as well.
Advice 2: Install an advanced anti-malware program that has an often updated real-time shield definitions and ransomware protection.

Download

Malware Removal Tool


Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

Advice 3: Seek out and download specific anti-ransomware software which is reliable.

Advice 4: Backup your files using one of the methods in this article.

Advice 5: : Make sure to use a secure web browser while surfing the world wide web.

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...