Hi, can someone help with this type of ransomware and a decryption tool?
The computer was infected from an RDP connection from Russia. The encrypted files have a file name ending in .crypt
The ransom note is titled HOW_OPEN_FILES.html and contains the email address firstname.lastname@example.org.
The ID Ransomware site detects the ransom note as GlobeImposter 2.0 and the files as CryptXXX, CryptXXX 2.0, CryptXXX 3.0, or Chimera, but can't work out the email address in the ransom note.
I have tried all the current decryption tools, and none work.
Also, if there is no decryption tool, are we able to pay a company to develop a decryption tool?
Thank you in advance for your help.
Edited by RogetWilco, 21 May 2017 - 08:48 PM.