Data recovery and disk repair questions and discussions related to old-fashioned SATA, SAS, SCSI, IDE, MFM hard drives - any type of storage device that has moving parts
May 11th, 2017, 4:18
Hi all
We have got some success in recovery of standard database files. 5 out of 10 were recovered in readable format.
Those who are interested pls. PM.
May 11th, 2017, 7:46
Hi
Is there any possibility to decrypt ONION ransomeware .
May 11th, 2017, 9:27
Hi What is the affected file types .Currently I can work on limited file types (database) only.
PM for more details.
May 12th, 2017, 5:23
kash wrote:Hi
Is there any possibility to decrypt ONION ransomeware .
Onion is a Cry128 variant, there is decryptor available for this. see if it works
May 12th, 2017, 11:12
MindMergepk wrote:Onion is a Cry128 variant
I kindly disagree, .onion can be a lot of different Ransomware strains, and one (and most common) of them is Dharma. If it's Dharma it's game over.
May 12th, 2017, 15:33
its possible,
can OP upload some files to identify the variant.
May 13th, 2017, 9:40
Hi all
With the help of one of my friend , we have successfully worked on Dharma ransomware. affected files.
As I have previously mentioned we have limited success ( some database files fully recovered)
May 13th, 2017, 16:08
dharma old variants keys are already released in march 2017:
https://threatpost.com/keys-for-dharma- ... ed/124024/new variant has no solution as far as i know, I would love to hear if anyone has decrypted new dharma variants.
May 14th, 2017, 2:06
Dharma .wallet .onion has no way to decrypt.
As far as we've seen, on countless analysis we've done, it has no weaknesses.
And .dharma was "broken" because the dev gave away the master key, not because it was possible to crack.
May 14th, 2017, 19:49
I assume full image backups of OS and Data partitions onto external media has already been done? If/when end-user gets the stuff back, then another set will be made?
May 15th, 2017, 2:48
As several peoples have mentioned full decryption may not be possible.
However I have got limited success with some file types (database)
May 15th, 2017, 5:41
question is !
what is the variant you can partially decrypt ?
May 16th, 2017, 8:16
Bit difficult to answer as there are so many variants , pls .send me your file ,I will give it a try.
May 19th, 2017, 3:42
Dharma .wallet now decryptable
May 19th, 2017, 13:26
another variant master key released:
BTCWare Ramsomware
https://www.bleepingcomputer.com/news/s ... available/
Powered by phpBB © phpBB Group.