"Emsisoft Releases Free Decryptor For AstraLocker and Yashma Ransomware"

Cybersecurity solutions provider Emsisoft has recently released a free decryption tool to enable AstraLocker and Yashma ransomware victims to recover their files without paying a ransom.  The company noted that the AstraLocker decryptor is for the Babuk-based one using .Astra or .babyk extension, and the company released a total of 8 keys.  The Yashma decryptor is for the Chaos-based one using .AstraLocker or a random .[a-z0-9]{4} extension and the company released a total of 3 keys.  The company warned AstraLocker and Yashma Ransomware victims to take precautions before using the decryptor.  The company stated that organizations affected by the ransomware should quarantine the malware from their system first before using the decryptor, or it may repeatedly lock their system or encrypt files.  The company issued additional recommendations in case the victim's systems were targeted via the windows remote desktop (WRD) feature.  The company stated that if one's system was compromised through [WRD], they also recommend changing all passwords of all users that are allowed to login remotely and check the local user accounts for additional accounts the attacker might have added.  

Infosecurity reports: "Emsisoft Releases Free Decryptor For AstraLocker and Yashma Ransomware"