Emsisoft releases a free decrypter for BigBobRoss Ransomware

[tarekma7]

Our research team has uncovered a new ransomware campaign we nicknamed BigBobRoss that seems to target Comcast Business users. Fortunately, our security experts were able to identify a flaw within the ransomware’s code that can be used to decrypt encrypted files without paying the ransom.

Update: The BigBobRoss decrypter has been updated for the extension ‘.encryptedALL’


Download the BigBobRoss Decrypter here.


Do not pay the ransom!

Technical details

BigBobRoss is a ransomware written in C++ using QT. It uses AES-128 ECB to encrypt files, and adds the extension “.obfuscated”. Some variants also prepend the victim ID to the filename. The ransom note “Read Me.txt” asks the victim to contact “BigBobRoss@computer4u.com”.

READ THE FULL ARTICLE HERE

[dinosaur07]

Emsisoft is great for 3 things:
1. A lot of respect for its clients and potential clients.
2. Great privacy and very nice orientation towards users.
3. A very open and straightforward company.

I am a simply a fan of them.