PWNDLocker decryption is possible thanks to EmsisoftHow to decrypt PWNDLocker-affected dataThe ransomware demands extremely large ransoms from its victims
The PWNDLocker decryption tool isn’t available to download publicly as the cybercriminals could investigate it and improve their encryption routine. Therefore, Emsisoft researchers ask all victims to recover the ransomware executable and send it to them via their contact portal here. Emsisoft is well-known for its outstanding researchers, including Fabian Wosar and Michael Gillespie. The security firm has released many ransomware decryption tools in the past, including STOP Decryptor, also tools for ChernoLocker, Paradise, Hakbit, and others.
How to decrypt PWNDLocker-affected data
In order to recover files affected by the infamous ransomware, victims are required to recover the PWNDLocker executable file. For this task, victims are advised to use any data recovery tool and use it to restore files from the following folders:
%Temp%;%Appdata%;C:/User.
Once the victim finds the executable, one needs to assure it won’t be run again. It is recommended to archive it to ensure a safe transfer to the security researchers.
The ransomware demands extremely large ransoms from its victims
PWNDLocker ransomware virus first emerged in 2019 and continued its attacks in 2020. The virus is known to target large computer networks and demand between $180,000 to $670,000 in Bitcoin. The initial ransom amount increases $100 if not paid within 2 weeks since the cyber attack. If the ransom isn’t paid within one month, the cyber criminals threaten to publish the company’s data online. As reported by BleepingComputer, the ransomware operators boast about encrypting Lasalle County’s network in Illinois. According to the attackers, the ransom amount they demand is 50 Bitcoins (roughly $445,000). In addition, the criminals suggest they have stolen data from the county. However, the Lasalle County has expressed its position and told that it has no plans on paying the hefty ransom.