It is currently 24-09-2017 15:04

Provides tools to recover encrypted Bart and PowerWare content

Provides tools to recover encrypted Bart and PowerWare content

by sigismund » 2016-07-24 14:58:22


Key feature of the PowerWare is a tool use PowerShell to encrypt files.


Researchers from the companies Palo Alto Networks and AVG presented free tools to recover files encrypted by ransomware Bart and PowerWare (PoshCoder).
Malware PowerWare and Bart appeared relatively recently. First, the researchers from Palo Alto Networks discovered in March of this year. The key feature of extortion is the use of a tool PowerShell to encrypt files. In July, the experts are faced with a new version of PowerWare, imitating popular rent-seeking BY Locky.

By analogy with Locky new version adds the extension .locky encrypted files and displays the same notice requiring redemption. The authors PowerWare/PoshCoder is not the first time to imitate the well-known families of ransomware. In the past, they released a version that simulates CryptoWall and All. Recovery tool for encrypted the latest version of PowerWare files hosted on GitHub.

This week has also made available a free utility that allows you to restore the content encrypted by the ransomware Bart, which first became known in June this year. The ransomware encrypts files on the victim's computer without prior connection to the C&C server. Because of this, he can encrypt the Windows file system to bypass corporate firewalls usually block such malicious traffic.

Developed by experts AVG tool allows you to define a password by comparing a file that already done by Bart, and his original. The recovery process takes a few days.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5