Ransomware is the new generation computer virus. It can completely lock down Windows 10 computer pretty much known to everybody. One of the recent strain of ransomware is CryptoPokemon. It encrypts your files and demands a payment of 0.02 Bitcoin to decrypt them. The good news is that Emsisoft has released a free ransomware decryptor tool to get rid of the ransomware.
CryptoPokemon ransomware decryption tool
The first thing you need to is not to panic, because there is a solution which can rid of this without paying anything.
What is CryptoPokemon ransomware
CryptoPokemon malware uses the Blowfish algorithm to encrypt disk files. The ransomware encrypts all your files using SHA256 + AES128. Then it puts up a note asking to transfer 0.02 Bitcoin to a specified wallet. The attacker has also disclosed their email id to contact them.
Here’s the ransom note in full:
All files on your computer are encrypted. Files have the extension CRYPTOPOKEMON.
Do not try to decrypt the files yourself, this will only contribute to the loss of all your data on the computer.
To decrypt files, please transfer 0.0200000 BTC to 1Lx46kNYSXTRwMWBxhxxdW3nisJ61yfVoW
After you transfer money, write to email firstname.lastname@example.org , saying this word “12356749412506806744”.
For advanced users:
After transferring money, go to http://cryptopokemon.top/ , and follow the instructions.
Your computer ID: 12356749412506806744
To enter the site, use the browser.
COPYRIGHT (c)2019 PokemonGO CRYPTOLOCKER pokemongo.icu
How to use the Emsisoft CryptoPokemon decrypter
- Download the Emsisoft CryptoPokemon decrypter.
- Run the executable and confirm the license agreement when asked.
- Click “Start” to decrypt your files.
- It takes some time, and post that, the files are accessible.
Incidentally, the creators of this ransomware have just released the source code via a Twitter account with the handle “@PokemonGoICU”. You can find it on Github.