sb-au logo
Story image

Bitdefender creates decryption tool for Bart ransomware victims

09 May 2017

Help is at hand for victims of the Bart ransomware, after Bitdefender released a decryption tool that works for all variants.

The Bart ransomware is able to encrypt files without an internet connection - but it does need a connection to communicate with the Command & Control (C&C) server to transfer bitcoins and deliver the decryption key.

The free Bart Ransomware Decryption tool, a collaboration between Bitdefender, Europol and Romanian Police, can help victims recover from all variants of the Bart ransomware.

The Bart ransomware has been creating havoc since July 2016 when it was discovered in spam with the subject line of ‘photos’. The email contained an attachment with malicious JavaScript. 

The Bart ransomware is able to delete system restore points, generate a seed to form encryption keys using information from the victim’s device, uses a master key to encrypt the key used to encrypt the files, and then displays a ransom note.

It demands a $2000 ransom from victims and then redirects to a .onion website.

The free decryptor is able to decrypt files with the bart.zip, .bart and .perl extensions. It is free to download from the “No More Ransomware” website.

Bitdefender says that almost half of ransomware victims pay fees ranging from $300 to $500. Ransomware-on-demand and ransomware-as-a-service have increased the volume and scale of ransomware attacks, Bitdefender says.

According to statistics from a recent Trend Micro report, ransomware attacks skyrocketed 752% last year. 

Both Bitdefender and the FBI strongly advise against paying ransom demands as there is no guarantee a decryption key will be provided. Ransom payments also fund future ransomware attacks.

Story image
Fast track your digital transformation with dynamic security services from Fortinet
Jon McGettigan, Fortinet A/NZ Regional Director, explains how enterprises can speed up their network service delivery programmes by embracing Fortinet’s dynamic security services.More
Story image
Yubico launches latest YubiKey with NFC & USB-C support
Yubico has released a new hardware authentication key, designed to provide security through both near-field communication (NFC) and USB-C connections and smart card support.More
Story image
Why securing IoT installations will be ‘do or die’ in post-pandemic Australia
Unless IoT technology is visible on the network, organisations will find themselves at risk with an unmanageable high-tech morass, warns ExtraHop A/NZ regional sales manager Glen Maloney.More
Download image
Network functions virtualisation: What is is, how to use it, and why it matters
Network functions virtualisation (NFV) is fast becoming the go-to method of simplifying corporate networks from planning, through deployment and management.More
Link image
How to better protect your organisation's most valuable asset - its data.
Data resilience strategies are becoming increasingly critical in relation to the skyrocketing value of data and the proliferation of malicious entities wishing to steal it.More
Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More