DecryptorMax/CryptInfinite Ransomware Decrypted, No Need To Pay Ransom

An anonymous reader writes: Emsisoft has launched a new tool capable of decrypting files compromised by the DecryptorMax (CryptInfinite) ransomware. The tool is quite easy to use, and will generate a decryption key. For best results users should compare an encrypted and decrypted file, but the tool can also get the decryption key by comparing an encrypted PNG with a random PNG downloaded off the Internet.

Nice tool from Emsisoft

[ITRambo]

Apparently, the bad-guy equivalent of script kiddies (or toddlers) put this ransomware out. No program should be able to decrypt a "properly" encrypted file, or set of files, in a few hours. A lot of people dodged a bullet here as Emsisoft puts out great software. Kudos to them for offering this tool

Random .PNG file?

[CanEHdian]

Why would you need a random .png from the Internet? Can't they just keep whatever part they need (header?) as part of the binary?

Odd way to release a security tool

I wondered why the summary has links to articles on Softpedia and Bleeping Computer instead of linking directly to Emsisoft, whose employee wrote the decryption utility. But it seems Emsisoft has dropped the ball, as they have nothing on their home page or their blog or their changelog that mentions this tool. In fact I can't find any reference to this on their site at all, which makes me suspicious about downloading it.

Both of the articles in the summary point to a link on emsi.at instead of emsisoft.com. Domain registration and name servers point to emsi.at being a legitimate host under the control of Emsisoft, but who knows? What a weird way to release a security tool, with zero announcements on your company website and the download hosted at a URL shortener.