+- Geeks for your information (https://www.geeks.fyi)
+-- Forum: Security (https://www.geeks.fyi/forumdisplay.php?fid=68)
+--- Forum: Security Vendors (https://www.geeks.fyi/forumdisplay.php?fid=87)
+---- Forum: EmsiSoft (https://www.geeks.fyi/forumdisplay.php?fid=89)
+----- Forum: Emsisoft Blog Articles (https://www.geeks.fyi/forumdisplay.php?fid=140)
+----- Thread: PwndLocker ransomware decryption now available (/showthread.php?tid=10647)
PwndLocker ransomware decryption now available - harlan4096 - 09 March 20
Quote:Continue Reading
We have developed a decryption solution for PwndLocker ransomware. Because each decryptor requires customization before use, we cannot make the tool publicly available for download and affected organizations should contact us.
PwndLockerPwnd
Locker mainly targets businesses and governments. The amount of the PwndLocker ransom demand is victim-specific and therefore varies from case to case, but can be more than $500,000.
PwndLocker has numerous variants, all of which delete shadow volume copies, limiting victims’ ability to recover.
Requirements
In order to create a custom decryption tool, we require the ransomware executable that was used in a particular attack.
While the ransomware automatically deletes the executable, it is often possible to recover it using file recovery tools and it may be found in the %Temp%, C:\User folders or %Appdata% folders. Organizations that require assistance locating the executable should contact us.
...
![[Image: logo.svg]](https://static.emsisoft.com/images/layout/logo.svg){kind=logo}