BigBobRoss ransomware decrypter tools released by Emsisoft & Avast

Emsisoft & Avast have released BigBobRoss ransomware decrypter tools. Just like many lesser viruses and malware, the BigBobRoss ransomware was a silent criminal. Its sheen was hidden behind the more notorious ransomware like Matrix, Wannacry, etc. The problem here was you couldn’t treat the disease you never knew of.

BigBobRoss ransomware decrypter tools


IT security companies were unaware of the BigBobRoss ransomware until very recent when some victims of the ransomware identified its exact name and reported it to the appropriate authorities. This was done using a service namedID-RansomwareID-Ransomware developed by Michael Gillespie, a security researcher at Emisoft.

The BigBobRoss ransomware is comparatively an amateur. It has been scripted in C++ using QT and uses AES-128 ECB for encrypting the files. After modifying the files, the ransomware changes their extension to .obfuscated which makes them unusable for the user. A text file named Read Me.txt is attached, and it contains the information about the information hijack and demand for ransom.

The cyber-criminals ask the victim to send an email to for clarification over the recovery procedure which is basically the way they demand random. Apparently, the ransom is to be paid in Bitcoins since they explain the procedure to buy Bitcoins.

As proof of the abilities of their decryption tool, the hijackers offer the victim the decryption of one unimportant file of less than 1MB. The rest would be done through the tool they would get only after paying the ransom money.

What to do if you are a victim?

Since the ransomware affects users by encrypting their files and changing the extension, the best resolution would be using the free ransomware decrypter tools. Since you can decrypt the files for free now, the hijacker’s plan becomes ineffective. You can download them here from Emsisoft or Avast.

How does the ransomware spread and how to protect yourself?

There isn’t much information on how BigBobRoss ransomware spreads, though one of the users confirmed that it spread to his system through a hacked server. While there are some basic steps one can take to prevent ransomware, including making use of some free anti-ransomware software, it can still happen that you end up being a victim of some ransomware.

Posted by with Tags
Karan Khanna is a passionate Windows 10 user who loves troubleshooting Windows problems in specific and writing about Microsoft technologies in general.