Whether you can recover (decrypt) your files or not depends on what ransomware infection you are dealing with and a variety of factors. All crypto malware ransomware use some form of encryption algorithms
, most of them are secure, but others are not. The possibility of decryption depends on the thoroughness of the malware creator, what algorithm the creator utilized for encryption, discovery of any flaws and sometimes just plain luck. Newer ransomware variants use a public and private key system where the public key is used to encrypt and the private key is used to decrypt. The private key is stored on a central server maintained by the cyber-criminals and not available unless the victim pays the ransom or at some point, law enforcement authorities arrest the criminals...seize the C2 server and release the private RSA decryption keys to the public. In some cases, the cyber-criminals, for whatever reason, choose to release the master keys after a period of time.
Dr.Web: Encryption ransomware - Threat No. 1
Dr.Web statistics show that the probability of restoring files compromised by encryption ransomware doesn't exceed 10%. That means that most of user data has been lost for good!
In cases where there is no free decryption fix tool and victims are not willing to pay the ransom, the only other alternative is to backup/save your encrypted data as is and wait for a possible breakthrough
...meaning, what seems like an impossibility at the moment (decryption of your data), there is always hope someday there may be a potential solution.
Rather than have everyone with individual topics, it would be best (and more manageable for staff) if you posted any more questions, comments or requests for assistance in the above Dharma Ransomware support topic discussion. To avoid unnecessary confusion, this topic is closed.
The BC Staff