You are welcome to discuss various security topics with our professional team and other users like you!
Read our Registration Agreement and create your FREE account here!

*

pawsimoto

  • *
  • 1
  • +0/-0
      • View Profile
Crysis variant XTBL johnycryptor@hackermail.com
« on: September 10, 2016, 08:03:35 pm »
Anyone know of a decryption tool?
Client called in panic!  There backups are no good... 

We checked:
 1.-Shadowcopy  is gone.
 2.- recover deleted files
 3.-?

Customer never checked their backup logs....  Now they are stuck!

*

Execute

  • *****
  • 388
  • +55/-0
  • Your friendly neighbourhood IT guy
      • View Profile
Re: Crysis variant XTBL johnycryptor@hackermail.com
« Reply #1 on: September 12, 2016, 11:20:47 am »
Hello @pawsimoto,

first of all - do not panic - that ransomware is from a series of educational ransomware.
You can read more about it from the article about JohnyCryptor Ransomware.

A decryption tool is available and you can see instructions on using it
from the article Decrypt Files Encrypted by Shade .Xtbl Ransomware.

Best of luck and write back if you come across any issues, have questions or want to give feedback.

Kind Regards,
Execute