Hello /g/entlemen,
A member of my family has recently been affected by DMA Locker 3.0 ransomware. It's requesting 3 Bitcoins, so they can go fuck themselves. Any suggestions on how to remove it and get the data back, or is the computer fucked?
Encryption methods are AES-256, then RSA-2048. Thanks /g/ents!
install gentoo
>>55416179
If it were my own, I would never use windows. Unfortunately, family member is using Windows, and will not change to anything but.
There is no way around encryption. So yeah, go ahead and bruteforce a 2048 random character key
Rent a server farm in china and let us know how it went in 1200 years.
>>55416174
>a member of my family
not fooling anyone
>he doesn't regularly make backups of everything just for this scenario
laughing_anime.webm
>Hai guise how do I crack AES256
This is what you're asking
Just reinstall and put back the files from your back up.
Pay up the 3 bit coins
It's only 3 bit coins
>>55416174
The computer is fucked. Backup, format then reinstall the OS. Get said family member into the habit of using cloud or offline backup.
Take a look at this: https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml
try to identify the software used and see if there is a known decryptor. While the encryption is theoretically secure the implementation is often lacking.
>>55416174
>cracking aes256
hahaha good luck with that
pay up or restore from backup
if neither is an option, kys or your family members
OP here, so consensus is either pay up, or delete all and install backup?
>>55416670
pretty much, v3 and up of that shit has no bug to exploit, so the only way to get the data is actually to pay up
clean slate and restore
fuck this board is full of faggots.
OP there have been people who have gotten around this. Thing is that a perfectly implemented AES-256 encryption is unbreakable, but few of these fuckers are perfect that write this stuff. You could unlucky/stupid.
I don't keep up with the flavors, but here is a start.
https://noransom.kaspersky.com/
Also kill yourself.
So what happens if you boot the computer from a Linux livecd and mount your hard drive?
Contact the NSA. They can crack the encryption with the backdoors they have. The NSA always does what is best for law abiding citizens, after all ;)
>>55416711
shut the fuck up nigger, you know nothing of what you are talking about
infect yourself with it and crack it yourself if you are so rockstar
>https://hshrzd.wordpress.com/mycode/dma-unlocker/
op is fucked, and you are the only faggot in this thread
>>55416768
you get a partition filled with files that have mangled/invalid content in them
do you even ransomware?
>>55416768
OP here, I would try this, but I am helping remotely, family member which this happened to is a doorknob when it comes to tech, don't think I could walk them through plugging it in and getting me on, even if I made the livecd for them.
>>55416839
don't bother with that, the files' content is _garbage_ without the decryption key
get there, format everything and restore from the most recent backup. or, you know, pay the thieves