JigSaw Ransomware: How to decrypt your encrypted data

A new kind of ransomware has emerged on the scene recently, which has been encrypting users data. If the user fails to meet the demands of attackers within 24 hour deadline, then their data will be deleted. Jigsaw is considered a big threat for corporations; because it will leave them empty handed if they fail to meet criminals demand. The attackers are demanding around $150 to release the encrypted data.

This breed of ransomware was first discovered by Jasen Sumalapao, a security researcher at Trend Micro. He described in a blogpost that; “Recent crypto-ransomware families have ransom amounts that grow as time passes, but not with the same increments as JIGSAW. To make matters worse, it deletes a larger amount of files with every hour while the amount to be paid also increases,”.

Jasen further described; “And with the exponential increase of files being permanently deleted, users may be pressured into paying the ransom so they may either save the remaining files, or avoid paying a larger ransom.”.

Jigsaw has been rated as the most vicious ransomware leaving Locky ( an equally threatening ransomware) behind. Jigsaw has been forcing the organizations to meet the attackers demand by leaving them with no time to look at the backups.

How to retrieve your data for FREE

In order to decrypt your data you need to follow the following steps:
Step 1: To stop any further files from delectation close the firefox.exe and drpbx.exe process from task manager.  
Step 2: Now user should run MSConfig and disable the start up entry called firefox.exe that points to the %UserProfile%AppDataRoamingFrfxfirefox.exe executable.
Step 3: Now download the Jigsaw ransomware encryption software  and extract the downloaded file. 
Step 4: Run the JigSawdecrypter.exe file and click on decrypt my files. 

Step 5: Select the drive you want to decrypt and do not check mark on the delete encrypted files. It can lead to data lose if tool fails to work properly. 
Step 6: Backup your data once all files decrypt successfully. 
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Exploit Heartbleed using Metasploit in Kali Linux

Heartbleed vulnerability (registered as CVE-2014-0160) is a security bug present in the older version of OpenSSL cryptographic library. OpenSSL is a cryptographic toolkit used...

How to Install Parrot Security OS on VirtualBox in 2020

Parrot Security OS is a free GNU/LINUX distribution, released on 10th April 2013. It is a mixture of Kali Linux and Frozenbox OS, aims to...

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...