hello,
I also have the same issue. Some of my files have been encrypted with the .encrypt extension.
Please how can i decrypt this?
Thank you
.
Note: ECh0raix is not related to Muhstik. As such, victims of ransomware with the .muhstik extension, please post in this Support Topic.
BloodDolly released a free ECh0raix Decoder decryption tool (Post #184) which can find the key and decrypt old variants of ECh0raix for victims infected prior to July 17, 2019. Using this decoder, victims can brute force the decryption key for encrypted files and use it to restore them. Everyone infected after July 19, 2019 was hit with new variant. A quick way to tell if your are a victim of the new unbreakable version is if the key at the end of the ransom note is 173 characters long.
BloodDolly updated ECh0raix Decoder (V1.0.6) so victims can use any file as a source of decryption keys, however the decoder still cannot find the decryption key for newer versions of ECh0raix. See Post #707. Alternate download link and instructions provided here.
Newer versions of eCh0raix Ransomware (July 19, 2019 and later) are not decryptable without paying the ransom (not advisable) and obtaining the private encryption keys from the criminals who created the ransomware unless they are leaked or seized & released by authorities. Without the criminal's master private key that can be used to decrypt your files, decryption is impossible. That usually means the key is unique (specific) for each victim and generated in a secure way (i.e. RSA, AES, Salsa20, ChaCha20, ECDH, ECC) that cannot be brute-forced.
Some eCh0raix victim's reported successful decryption using Kaspersky's RakhniDecryptor Tool. See the comments provided by Demonslay335 in Post #151. Amigo-A also advised Dr.Web may be able to assist with decryption in Post #152.
Back to top
