Emsisoft releases new decryptor for Jigsaw ransomware

[harlan4096]

 

We just released a new free decryption tool for Jigsaw ransomware.

Jigsaw was created in 2016 and known for its “punishment” concept similar to the plot of the popular horror movie franchise, Saw. The movies feature victims that are held hostage, given gruesome escape tools (including the eponymous hacksaw), and suffer dire consequences when puzzles are not solved within a time limit.

Jigsaw mimics this premise: The ransomware not only encrypts files, it also deletes them on a timed, countdown basis. A single file is deleted an hour after the data has been encrypted and an exponentially increasing number of files are deleted every hour thereafter. After 72 hours, all remaining files are deleted. If the victim reboots or terminates the ransomware’s processes, it will automatically relaunch and delete 1,000 files “as a punishment.”

A decryptor for Jigsaw was released in 2016. Initially, the ransomware was sold on a Tor marketplace, however, it has now been open-sourced which has enabled people to create multiple variants that the original tool could not decrypt. The new tool can currently unlock 85 extensions and will be updated as new variants emerge.

Download the Jigsaw Decryptor here

There are no special requirements needed to use this decryption tool. Users simply need to run the decryptor while online and the decryption process will start. A detailed usage guide is included.

Important: Before you run the decryptor, you first need to:

1. Open Task Manager

2. In the Processes tab, select firefox.exe and drpbx.exe and click “End Task”

3. When that’s done, open MSConfig

4. In the Startup tab, deselect the startup item firefox.exe that points to %UserProfile%\AppData\Roaming\Frfx\firefox.exe and click OK

Once you’ve completed these steps, you can proceed to run the decryptor.

...

Continue Reading