As Virus Activity blog reports, there’s no need to worry about Jaff ransomware anymore. This recently emerged cyber threat is already decryptable.
This ransomware was noticed spreading via Necrus botnet at the end of spring 2017. Crooks send numerous malicious spam emails that included obfuscated PDF attachment. These files were renamed as copies, scans, invoice and similarly. Apparently, too many users believe that these documents cannot pose harm to their computer.
Unfortunately, these naïve assumptions were wrong. A safely-looking PDF file was actually a DOCM document. This macro-enabled document asked to click “Enable Content” button and clicking it lead to the installation of ransomware.
During its quite short lifetime, malware was updated several times. Different versions of the virus marked encrypted files with .jaff, .wlu and .sVn extensions that made them impossible to open.
However, malware researcher from Kaspersky Labs found the flaw in ransomware’s code. This discovery helped to create a decryption software that can unlock encrypted files for free. Meanwhile, developers of virus offered to use their questionable decryptor for 1.82-2 Bitcoins.
Victims were never encouraged to have business with cyber criminals. However, desperate need for files might have lead thousands of people to pay the ransom. Fortunately, obtaining a decryption key from hackers is no longer an option. Free and secure decryption software can be downloaded from here.
Nevertheless, data recovery seems the most important task after ransomware attack; it’s not quite true. Before taking advantage of the newly created decryptor, you have to make sure that Jaff malware is no longer on your computer.
While crypto-malware resides on the system, all attempts to recover your files might fail. The virus might encrypt decrypted files again. It goes without saying that this malicious program running on your computer also makes the system vulnerable and easily accessible to other cyber threats. Thus, first of all, you have to focus on virus removal.
For ransomware elimination, you will need to use a professional malware removal program and run a full system scan. However, this ransomware is designed to prevent from simple deletion from the system. Thus, you may need to take extra steps before running security software. In this case, Jaff removal instructions on 2-spyware will be handy to you.