Security firm releases free Diavol ransomware decryptor tool
Security firm Emsisoft, which specializes in fighting ransomware, has released a free Diavol ransomware decryptor tool. Diavol ransomware associated with the TrickBot botnet. Using the Diavol ransomware decryptor tool, users can decrypt files encrypted by Diavol for free, and the encrypted file formats include .lock64 and so on.
Diavol usually asks ransom demands between $10,000 and $500,000. And if victims contact them to negotiate, they can often continue to drive down prices. Diavol is still a relatively humble ransomware gang. Other ransomware associated with TrickBot, such as Conti and Ryuk, usually asks demands millions or even tens of millions of dollars in ransom. Of course, users are not recommended to pay ransoms in principle, because paying ransoms will only encourage more hackers to engage in the ransomware industry.
The decryptor also supports decrypting large files, but due to technical limitations, large files may only be partially decrypted, but not all of them can be successfully decrypted.
Unlike other ransomware gangs that use AES encryption, Diavol uses asynchronous invocations of an asymmetric encryption algorithm, and the ransomware gang isn’t obfuscating, and when the data encryption is done, the Windows wallpaper is replaced with black and shows that all your files are encrypted.