Decrypt Files Encrypted by Philadelphia Ransomware - How to, Technology and PC Security Forum | SensorsTechForum.com
THREAT REMOVAL

Decrypt Files Encrypted by Philadelphia Ransomware

philadelphia-ransomware-decryptedShortly after the Philadelphia ransomware virus came out, a decryptor for it has been released by malware researchers. When it was spotted, the ransomware has been released for 400$ on the black market. The page advertising the virus outlined it as a very sophisticated threat. However researchers were convinced that the virus is not impenetrable, and now they have proven this, creating a free decryptor for the virus. Anyone who has been infected by the Philadelphia virus should follow the instructions in this article, remove Philadelphia Ransomware and decrypt files that have been enciphered by it.

Philadelphia Ransomware – Quick Background

This ransomware virus was first detected on the deep web markets and in addition to this, researchers detected how it spreads as well. The Philadelphia ransomware uses a fake governmental notice that pretends to be a scanned document from the financial ministry of Brazil. This immediately gives a hint that this virus may be spread onto Portuguese speaking countries. The Philadelphia ransomware also attacked a wide variety of file types that it rendered no longer openable:

→.7z;.asp;.avi;.bmp;.cad;.cdr;.doc;.docm;.docx;.gif;.html;.jpeg;.jpg;.mdb;.mov;.mp3;.mp4;.pdf;.php;.ppt;.pptx;.rar;.rtf;.sql;.str;.tiff;.txt;.wallet;.wma;.wmv;.xls;.xlsx;.zip

After encrypting the files of users, Philadelphia completely changes their names with random A-Z 0-9 names and changes the extension to .locked. Users who were left with no choice but to pay the ransom until now.

Furthermore, Philadelphia ransomware besides being part of the Stampado ransomware variants, also uses a very interesting type off command and control server, having a so-called “Give Mercy” button that unlocks the files for free.

Philadelphia Ransomware – Removal and Decryption Instructions

Before deciphering your files with the tool, created by Fabian Wosar, a researcher from EmsiSoft, we strongly recommend removing Philadelphia first. One way to do this is by following these removal instructions

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...