Become a fighter against malware and join the forum at SensorsTech!  The SensorsTech’s forum is the place where you can solve your PC issues and educate yourself about malware. You are welcome to discuss various security topics with our professional team and other users like you! To unlock all features of the forums, you have to create an account. Otherwise, you can only browse the topics without taking part in the discussions. To leave a comment or ask your questions, read our Registration Agreement and create your free account here.

Recent Posts

Pages: [1] 2 3 ... 10
Kryptonite is the name of a new ransomware cryptovirus,
that is quite cleverly masked as the popular game "Snake".
You can also play a Command Prompt variant of "Snake",
while the Kryptonite virus is encrypting your files...

...and then you are asked to pay $500 as ransom for your files.

This is how the game looks like:

You can read all about it, from the following article:
Malware Removal Questions and Guides / Re: Mole02 File?
« Last post by Execute on June 22, 2017, 06:04:03 pm »
Hello, @ZMan.

Yes, this is confirmed by malware researchers to be the new variant of MOLE ransomware and it appends the .MOLE02 extension like you have shown in the attached picture.

You can find a thorough analysis of the virus here:

Best Regards,
Malware Removal Questions and Guides / Mole02 File?
« Last post by ZMan on June 14, 2017, 06:03:16 pm »
Does this look more like a different mole file that the standard mole going around? I can't find much on this virus, any links are sources would be usefully if you can give any.

Hmm, that is quite interesting. Sad that you couldn't recover files with Recuva. Just don't reformat the drive so you could keep trying such Data Recovery programs. That is indeed helpful information, but can't really remember a ransomware that did that. If I remember anything I will be sure to write about it here.
Thanks for your reply, the new names files are numbers and letters without any sense, and also the extension of the archives are the same.
Also, the archives are stored in a hard external disc (usb conexion), and no message is showing after the attack.
All it's very strange but after using a recovery tool to missing archives, I could descover that the original archives were deleted at the same time were created the new encrypted archives (the time of the two actions are the same). Unfortunately, I could'n recover the original archives with the program RECUVA (and also another more that I tred).
I hope this information add data to your diagnosis. I read your suggested article, but don't match with my case.
I ran the decrypter program on a small portion of encrypted files and it worked!! I am now going to work on decrypting a larger set of files we had saved in case a decryption program was created that worked. There are a huge set of files we were waiting on to decrypt that will save us a lot of headache in the future. A BIG THANKS goes out to the creators of the decryption program.!!
There is now a DECRYPTION TOOL released for the .wallet variant of Dharma ransomware!
It might work for the Sanctions virus, so you should definitely try it!

Check out the instructions for it in the article:
Decrypt .wallet Encrypted Files for Free (Dharma Update 2017)

Best Regards,
Software Reviews / Re: Android Data Recovery Pro, Android backup needed
« Last post by Ankurstellar01 on May 17, 2017, 06:04:30 am »
 you can also look for Stellar Data recovery tools they are easy to use and install.
 have a look Even you can get offer and a free version to check.
Pages: [1] 2 3 ... 10