ID Ransomware

If you have fallen victim to ransomware and your files have been encrypted, the ID Ransomware site can identify which variant of the threat you are dealing with.

A site launched in recent weeks is making life much easier for ransomware victims, letting them identify which variant infected their computers and whether there is any way to recover the files without paying the ransom.

ID Ransomware was created by Michael Gillespie, a regular contributor to the Bleeping Computer support forum, where many ransomware victims go to ask for help. Michael is also one of the people who helped crack the CryptoHost (Manamecrypt) ransomware.

To use the free ID Ransomware site, users need two things. The first is the ransom note file, which can take different forms, from HTML to text files; the second is one of the files encrypted by the ransomware.

Users must submit both files in the two form fields on the ID Ransomware site and press the “Upload” button. Optionally, you can enter any e-mail addresses or hyperlinks that the ransomware gives you for contact. An analysis then starts. After a few seconds or minutes, depending on server load, the service returns the ransomware variant that locked the computer, as in the image below.

Depending on the type of ransomware detected, the lucky user receives a link from which to download a decryption tool that will help unlock the files.

Less fortunate users are redirected to the Bleeping Computer support forum and, at the same time, advised to back up their encrypted data in the hope of recovering their files later, should a recovery tool be released.
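An added example (not code from ID Ransomware or from the original post) that prepares the inputs described above from a folder on the affected machine: it picks the ransom note, pulls out the contact e-mail addresses and links for the optional field, and picks an encrypted sample. The file names, the sample note and the entropy heuristic for spotting the encrypted file are assumptions; nothing is uploaded.

```python
import html, math, os, re, tempfile
from collections import Counter
from pathlib import Path

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)
NOTE_SUFFIXES = {".txt", ".html", ".htm"}  # note formats the article mentions

def extract_contacts(note_text):
    """Return (emails, links) found in an HTML or plain-text ransom note."""
    decoded = html.unescape(note_text)  # turns &amp; inside hrefs back into &
    emails = sorted({e.lower() for e in EMAIL_RE.findall(decoded)})
    links = sorted({u.rstrip(".,;)") for u in URL_RE.findall(decoded)})
    return emails, links

def entropy(data):
    """Shannon entropy in bits per byte; encrypted data sits close to 8."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def pick_submission(folder):
    """Pick the note (text/HTML file carrying contact details) and, as the
    encrypted sample, the highest-entropy remaining file. Heuristic only."""
    note, sample, best = None, None, -1.0
    for path in sorted(Path(folder).iterdir()):
        if not path.is_file():
            continue
        head = path.read_bytes()[:65536]
        text = head.decode("utf-8", errors="replace")
        if path.suffix.lower() in NOTE_SUFFIXES and any(extract_contacts(text)):
            note = note or path
        elif (h := entropy(head)) > best:
            sample, best = path, h
    found = extract_contacts(note.read_text(encoding="utf-8", errors="replace")) if note else ([], [])
    return {"note": note, "sample": sample, "emails": found[0], "links": found[1]}

def demo():
    """Run on a constructed folder: one note, one plain file, one random blob."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        (d / "READ_ME.html").write_text(  # constructed sample note
            '<p>Write to <a href="mailto:Unlock@example.org">us</a> or visit '
            "http://example.com/pay?id=1&amp;k=2.</p>")
        (d / "notes.txt").write_text("shopping list " * 50)
        (d / "report.docx.locked").write_bytes(os.urandom(4096))
        r = pick_submission(d)
        return r["note"].name, r["sample"].name, r["emails"], r["links"]

if __name__ == "__main__":
    print(demo())
```

Run it against a copy of the affected folder rather than the original, so the encrypted data that the article advises backing up stays untouched.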


At the time this post was updated (07/09/2019), the ID Ransomware service had detected 753 ransomware variants:

010001, 0kilobypt, 24H Ransomware, 4rw5w, 777, 7ev3n, 7h9r, 7zipper, 8lock8, AAC, ABCLocker, ACCDFISA v2.0, AdamLocker, AES_KEY_GEN_ASSIST, AES-Matrix, AES-NI, AES256-06, Al-Namrood, Al-Namrood 2.0, Alcatraz, Alfa, Allcry, Alma Locker, Alpha, AMBA, Amnesia, Amnesia2, Anatova, AnDROid, AngryDuck, Annabelle 2.1, Anubi, Anubis, AnubisCrypt, Apocalypse, Apocalypse (New Variant), ApocalypseVM, ApolloLocker, AresCrypt, Argus, Armage, ArmaLocky, Arsium, ASN1 Encoder, Ataware, Atchbo, Aurora, AutoLocky, AutoWannaCryV2, AVCrypt, AxCrypter, aZaZeL, B2DR, BadBlock, BadEncript, BadRabbit, Bam!, BananaCrypt, BandarChor, Bart, Bart v2.0, Basilisque Locker, BigBobRoss, Bisquilla, BitCrypt, BitCrypt 2.0, BitCryptor, BitKangoroo, Bitpaymer, Bitshifter, BitStak, BKRansomware, Black Feather, Black Shades, BlackHeart, Blackout, BlackRuby, Blind, Blind 2, Blocatto, BlockFile12, Blooper, Blue Blackmail, BoooamCrypt, Booyah, BrainCrypt, Brazilian Ransomware, BrickR, BTCamant, BTCWare, BTCWare Aleta, BTCWare Gryphon, BTCWare Master, BTCWare PayDay, Bubble, Bucbi, Bud, BugWare, BuyUnlockCode, Cancer, Cassetto, Cerber, Cerber 2.0, Cerber 3.0, Cerber 4.0 / 5.0, CerberTear, ChaCha, Chekyshka, Chimera, ChinaYunLong, ChineseRarypt, CHIP, ClicoCrypter, Clop, Clouded, CmdRansomware, CockBlocker, Coin Locker, CoinVault, Comrade Circle, Conficker, CorruptCrypt, Cossy, Coverton, Cr1ptT0r Ransomware, CradleCore, CreamPie, Creeper, Cripton, Cry128, Cry36, Cry9, Cryakl, CryFile, CryLocker, CrypMic, CrypMic, Crypren, Crypt0, Crypt0L0cker, Crypt0r, Crypt12, Crypt38, CryptConsole, CryptConsole3, CryptFuck, CryptGh0st, CryptInfinite, CryptoDefense, CryptoDevil, CryptoFinancial, CryptoFortress, CryptoGod, CryptoHasYou, CryptoHitman, CryptoJacky, CryptoJoker, CryptoLocker3, CryptoLockerEU, CryptoLuck, CryptoMix, CryptoMix Revenge, CryptoMix Wallet, CryptON, Crypton, CryptoPokemon, CryptorBit, CryptoRoger, CryptoShield, CryptoShocker, CryptoTorLocker, CryptoViki, CryptoWall 2.0, CryptoWall 3.0, CryptoWall 
4.0, CryptoWire, CryptXXX, CryptXXX 2.0, CryptXXX 3.0, CryptXXX 4.0, CryPy, CrySiS, Crystal, CSP Ransomware, CTB-Faker, CTB-Locker, Dablio, Damage, DarkoderCryptor, DataKeeper, Dcrtr, DCry, DCry 2.0, Deadly, DeathNote, DecryptIomega, DEDCryptor, Defender, Defray, Defray777, DeriaLock, Dharma (.cezar Family), Dharma (.dharma Family), Dharma (.onion Family), Dharma (.wallet Family), Digisom, DilmaLocker, DirtyDecrypt, District, DMA Locker, DMA Locker 3.0, DMA Locker 4.0, DMALocker Imposter, DoggeWiper, Domino, Done, DoNotChange, Donut, DoubleLocker, DriedSister, DryCry, Dviide, DXXD, DynA-Crypt, eBayWall, eCh0raix / QNAPCrypt, ECLR Ransomware, EdgeLocker, EduCrypt, EggLocker, El Polocker, Enc1, EnCrypt, EncryptedBatch, EncrypTile, EncryptoJJS, Encryptor RaaS, Enigma, Enjey Crypter, EnkripsiPC, EOEO, Erebus, Eris, Eternal, Everbe, Everbe 2.0, Evil, Executioner, ExecutionerPlus, Exocrypt XTC, Exotic, Extortion Scam, Extractor, Fabiansomware, Fadesoft, Fantom, FartPlz, FCPRansomware, FCrypt, FenixLocker, FenixLocker 2.0, Fenrir, FilesLocker, FindZip, FireCrypt, Flatcher3, FLKR, Flyper, FreeMe, FrozrLock, FRSRansomware, FS0ciety, FuckSociety, FunFact, GandCrab, GandCrab v4.0 / v5.0, GandCrab2, GarrantyDecrypt, GC47, Gerber, GermanWiper, GetCrypt, GhostCrypt, GhostHammer, Gibon, Globe, Globe (Broken), Globe3, GlobeImposter, GlobeImposter 2.0, Godra, GOG, Golden Axe, GoldenEye, Gomasom, Good, Gorgon, Gotcha, GPAA, GPCode, GPGQwerty, GusCrypter, GX40, HadesLocker, Halloware, HappyDayzz, hc6, hc7, HDDCryptor, Heimdall, HellsRansomware, Help50, HelpDCFile, Herbst, Hermes, Hermes 2.0, Hermes 2.1, Heropoint, Hi Buddy!, HiddenTear, HildaCrypt, HKCrypt, HollyCrypt, HolyCrypt, HPE iLO Ransomware, Hucky, HydraCrypt, IEncrypt, IFN643, Ims00ry, ImSorry, Incanto, InducVirus, InfiniteTear, InfinityLock, InsaneCrypt, iRansom, Iron, Ishtar, Israbye, JabaCrypter, Jack.Pot, Jaff, Jager, Jamper / Buran, JapanLocker, JeepersCrypt, Jemd, Jigsaw, JNEC.a, JobCrypter, JoeGo Ransomware, 
JosepCrypt, JSWorm, JSWorm 2.0, JSWorm 4.0, JuicyLemon, JungleSec, Kaenlupuf, Kali, Karma, Karmen, Karo, Kasiski, Katyusha, KawaiiLocker, KCW, Kee Ransomware, KeRanger, Kerkoporta, KeyBTC, KEYHolder, KillerLocker, KillRabbit, KimcilWare, Kirk, Kolobo, Kostya, Kozy.Jozy, Kraken, Kraken Cryptor, KratosCrypt, Krider, Kriptovor, KryptoLocker, L33TAF Locker, Ladon, Lalabitch, LambdaLocker, LeChiffre, LightningCrypt, Lilocked, Lime, Litra, LittleFinger, LLTP, LMAOxUS, Lock2017, Lock93, LockBox, LockCrypt, LockCrypt 2.0, Locked-In, LockedByte, LockeR, LockerGoga, LockLock, LockMe, Lockout, Locky, LongTermMemoryLoss, LooCipher, Lortok, LoveServer, LowLevel04, Lucky, MadBit, MAFIA, MafiaWare, Magic, Magniber, Mailto Ransomware, Major, Maktub Locker, MalwareTech’s CTF, Maoloa, Marduk, Marlboro, MarsJoke, Matrix, MauriGo, MaxiCrypt, Maykolin, Maysomware, MCrypt2018, MegaCortex, MegaLocker, Meteoritan, Mikoyan, MindSystem, Minotaur, MirCop, MireWare, Mischa, MMM, MNS CryptoLocker, Mobef, MongoLock, MoonCrypter, MorrisBatchCrypt, MOTD, MoWare, MRCR1, MrDec, Mystic, n1n1n1, NanoLocker, NCrypt, NegozI, Nemty, Nemucod, Nemucod-7z, Nemucod-AES, NETCrypton, Netix, NewHT, Nhtnwcuf, NM4, NMoreira, NMoreira 2.0, Noblis, NonRansomware, NotAHero, Nozelesn, NSB Ransomware, Nuke, NullByte, NxRansomware, ODCODC, OhNo!, OoPS, OopsLocker, OpenToYou, OpJerusalem, Ordinypt, OzozaLocker, PadCrypt, Paradise, Paradise B29, PayPalGenerator2019, PaySafeGen, PClock, PClock (Updated), PEC 2017, Pendor, Petna, PewCrypt, PGPSnippet, Philadelphia, Phobos, Pickles, Plague17, Planetary Ransomware, PoisonFang, PopCornTime, Potato, PowerLocky, PowerShell Locker, PowerWare, Pr0tector, Predator, PrincessLocker, PrincessLocker 2.0, PrincessLocker Evolution, Project34, Project57, Protected Ransomware, PshCrypt, PUBG Ransomware, PyCL, PyCL, PyL33T, PyLocky, qkG, QP Ransomware, QuakeWay, QwertyCrypt, Qweuirtksd, R980, RAA-SEP, RabbitFox, RackCrypt, Radamant, Radamant v2.1, Radiation, Random6, RandomLocker, Ranion, 
RanRan, RanRans, Rans0mLocked, RansomCuck, Ransomnix, RansomPlus, Ransomwared, RansomWarrior, Rapid, Rapid 2.0 / 3.0, RaRansomware, RarVault, Razy, RedBoot, RedEye, REKTLocker, Rektware, Relock, RemindMe, RenLocker, RensenWare, RetMyData, REvil / Sodinokibi, Reyptson, RobbinHood, Roga, Rokku, Rontok, RoshaLock, RotorCrypt, Roza, RSA-NI, RSA2048Pro, RSAUtil, Ruby, Russenger, Russian EDA2, Ryuk, SAD, SadComputer, SADStory, Sage 2.0, Salsa, SamSam, Sanction, Sanctions, Satan, Satana, Saturn, Scarab, SD 1.1, Seon, Sepsis, SerbRansom, Serpent, ShellLocker, Shifr, Shigo, ShinigamiLocker, ShinoLocker, ShivaGood, ShkolotaCrypt, Shrug, Shujin, Shutdown57, Sifreli, Sigma, Sigrun, SilentSpring, Simple_Encoder, SintaLocker, Skull Ransomware, SkyFile, SkyStars, Smrss32, SnakeLocker, Snatch, SNSLocker, SoFucked, Solo Ransomware, Spartacus, Spectre, Spider, Spora, Sport, SQ_, Stampado, Stinger, STOP (Djvu), STOP / KEYPASS, StorageCrypter, Storm, Striked, Stroman, Stupid Ransomware, Styx, SuperB, SuperCrypt, Surprise, SynAck, SyncCrypt, Syrk, SYSDOWN, SystemCrypter, SZFLocker, T1Happy, Team XRat, Telecrypt, TellYouThePass, Termite, TeslaCrypt 0.x, TeslaCrypt 2.x, TeslaCrypt 3.0, TeslaCrypt 4.0, TeslaWare, TFlower, Thanatos, TheDarkEncryptor, THT Ransomware, tk, Torchwood, TotalWipeOut, TowerWeb, ToxCrypt, Trojan.Encoder.6491, Troldesh / Shade, Tron, TrueCrypter, TrumpLocker, UCCU, UIWIX, Ukash, UmbreCrypt, UnblockUPC, Ungluk, Unit09, Unknown Crypted, Unknown Lock, Unknown XTBL, Unlock26, Unlock92, Unlock92 2.0, Unlock92 Zipper, Useless Disk, UselessFiles, UserFilesLocker, USR0, Uyari, V8Locker, Vapor v1, VaultCrypt, vCrypt, VegaLocker, Velso, Vendetta, VenisRansomware, VenusLocker, ViACrypt, VindowsLocker, VisionCrypt, VMola, Vortex, Vurten, VxLock, Waffle, WannaCash, WannaCry, WannaCry.NET, WannaCryOnClick, WannaDie, WannaPeace, WannaSmile, WannaSpam, Wesker, WhatAFuck, WhiteRose, WildFire Locker, WininiCrypt, Winnix Cryptor, WinRarer, WonderCrypter, Wooly, Wulfric, X Locker 5.0, 
XCry, XCrypt, XData, XiaoBa, XiaoBa 2.0, Xorist, Xort, XRTN, XTP Locker 5.0, XYZWare, Yatron, YouAreFucked, YourRansom, Yyto, ZariqaCrypt, zCrypt, Zekwacrypt, Zenis, ZeroCrypt, ZeroFucks, Zeropadypt, Zeropadypt NextGen, ZeroRansom, Zilla, ZimbraCryptor, ZinoCrypt, ZipLocker, Zipper, Zoldon, ZQ, Zyklon.
