How to recover files locked by crypto ransomware without paying

Thanks to a work by Kaspersky Lab experts, you can use a free system to get back your documents locked by this type of hacker attack

Have a free tool to recover files encrypted by a ransomware? It is now possible thanks to the work done by the researchers of the Kaspersky Lab group. It is a system capable of reactivating those files that had been infected by this type of malware and were locked to victims.

The work of Kaspersky Lab. In April and May 2016, Kaspersky had already made available two tools for decrypting two particular ransomware attacks called CryptXXX. And now the cybersecurity company has released a new system to recover files infected by the same malware update. Il servizio Kaspersky è in grado di decriptare la maggior parte dei file con estensione .crypt, .crypt1 e .crypz. File che fino a poco tempo fa non potevano essere recuperati una volta infettati. CryptXXX è, infatti, una delle famiglie di ransomware più presenti e pericolose: gli hacker hanno a lungo usato i kit di exploit Angler e Neutrino per infettare le vittime con questo malware.

Attacco ransomware: oltre 80mila utenti infettati

hacker-4.jpgFonte foto: Shutterstock

Clicca sull’immagine per accedere alla gallery con 5 consigli su come difendersi dagli hacker

È difficile stabilire un numero preciso dei dispositivi infettati in questo modo dai cyber criminali. Kaspersky Lab ha stimato che circa 80 mila utenti, che usavano i loro sistemi per la sicurezza, hanno subito questo attacco. La società calcola che il numero totale sia superiore alle centinaia di migliaia. This type of malware is spread all over the world, with particular regard to Germany, Russia, the United States, Canada, Japan and India. The decryption tool can be downloaded from Kaspersky Lab's website and from The latter is the site of the nonprofit initiative launched this year by the Dutch police's National High Tech Crime Unit, Europol's European Cybercrime Center and two cyber security companies, Kaspersky Lab and Intel Security, with the goal of helping victims of ransomware attacks recover their encrypted data without having to pay hackers.

Advice to follow in case of ransomware attack

Morten Lehn, General Manager Italy at Kaspersky Lab, wanted to reassure users and more importantly, within a statement, spelled out simple guidelines to follow if you are a victim of similar hacker attacks: "Our advice to victims of attacks by different ransomware families is the following: even if at that given moment there is no decryption tool available for the version of malware that encrypted your files, it is crucial not to pay ransom to cyber criminals. Save the damaged files and wait - the probability that a decryption tool will appear soon is high: the case of CryptXXX v.3 proves it. Numerous cyber security experts around the world are constantly working to help victims of ransomware attacks and sooner or later the solution to most infections will be found."