Emsisoft Decrypter for Planetary gets your ransomware-riddled files back for free
Emsisoft has released a free decrypter tool for anyone who has been struck by the Planetary Ransomware, eliminating the need to pay a fee to the attackers.
Before using the tool you are advised to ensure that you have removed the malware from your computer -- something you can do with the free version of Emsisoft Anti-Malware. You also need to ensure that you don't delete the ransom note ("!!!READ_IT!!!.txt") or the decrypter won't work.
- Google publishes its Android Security & Privacy 2018 Year in Review
- Free tool protects businesses against ransomware and other threats
- UK watchdog says Huawei poses a national security risk
Emsisoft explains: "Planetary is a ransomware family that uses AES-256 to encrypt files, adding the extension ".mira", ".yum", ".Neptune", or ".Pluto" to files - the latter of which give this ransomware its name. The ransom note "!!!READ_IT!!!.txt" then asks the victim to contact "firstname.lastname@example.org"."
The Emsisoft Decrypter for Planetary can be downloaded here.
While this free option is a far better first port of call than handing over money to unknown attackers, complete success is not guaranteed, and you should retain the encrypted files "just in case" as Emsisoft explains:
Once the ransomware does not save any information about the unencrypted files, the decrypter can't guarantee that the decrypted data is identical to the one that was previously encrypted. Therefore, the decrypter by default will opt on the side of caution and not remove any encrypted files after they have been decrypted. If you want the decrypter to remove any encrypted files after they have been processed, you can disable this option. Doing so may be necessary if your disk space is limited.
You can find full details of how to use the decryption tool on the Emsisoft website.