
Vortex Ransomware Infection: Decrypting AES-encrypted Files, One-time Code & Recovery Solutions

misiekx007 2862 1
  • #1 16760590
    misiekx007
    Level 13  
    Hello dear company.

    Short description of the problem:
    Just after 8 a.m. there was an infection with the "Vortex Ransomware" garbage.
    Has anyone encountered this and found a reasonable way to decrypt the files?

    I have read the basics:
    https://sensorstechforum.com/vortex-ransomware-remove-restore-aes-files/
    https://www.bleepingcomputer.com/news/securit...-polski-vortex-flotera-ransomware-connection/

    At the moment, a 1:1 backup is being made from Linux so as not to work on the infected medium.
    Any attempts that I am going to make will also be made in an isolated environment.

    I found a one-time code in the virus logs.
    I will try to decode the files with this: https://github.com/EslaMx7/AESxWin/releases because the virus uses this mechanism.
    If the files cannot be decrypted, I will try to recover the deleted originals with the recovery software.

    I will describe progress or lack of progress - if anyone knows anything about the problem, help is badly needed.
    A customer without databases may close the company. Of course, backups were not performed, because why ...

    I will accept any help. Thank you in advance.
  • #2 16763000
    misiekx007
    Level 13  
    The data was too important. The client paid the ransom.
    The group is at least honorable enough. They sent a program that I already had and a key that I couldn't have. Decryption is in progress.

    If nobody wants to say anything - the topic is to be closed.