eCh0raix Ransomware - QNAPCrypt/Synology NAS (.encrypt) Support Topic

Hello,

first time for being in an forum ;-)

Last week i was attaked by ransomeware eCh0raix on my nas. I tried different decocers without luck.

In this forum i read, that some people found help to decode the files.

My txt file is: 

Per the first page of this topic.

BloodDolly released a free ECh0raix Decoder decryption tool (Post #184) which can find the key and decrypt old variants of ECh0raix for victims infected prior to July 17, 2019. Using this decoder, victims can brute force the decryption key for encrypted files and use it to restore them. Everyone infected after July 19, 2019 was hit with new variant. A quick way to tell if your are a victim of the new unbreakable version is if the key at the end of the ransom note is 173 characters long. 
 
BloodDolly updated ECh0raix Decoder (V1.0.6) so victims can use any file as a source of decryption keys, however the decoder still cannot find the decryption key for newer versions of ECh0raix. See Post #707. Alternate download link and instructions provided here.

hi quietman7

thank you for your answer! Helps me a lot :-)

I dont understand what you meen with "the key at the end..."

Would you be so kind and explane it to me?

Thank you

See the example ransom notes posted here.

Thank you, but i am sorry - it seem i have no chance :-(

Best Regards

In cases where there is no free decryption tool (or a previous tool no longer works for newer variants), restoring from back up is not a viable option and file recovery software does not work, the only other alternative to paying the ransom (which is not advisable) even if you can reach the criminals to pay is to backup/save your encrypted data as is and wait for a possible solution at a later time...meaning, what seems like an impossibility at the moment (decryption of your data), there is always hope someday there may be a potential solution.

You were fortunate. Not everyone who pays the ransom demand is successful with decryption of their data or even getting a decrypter from the criminals and not everyone is successful negotiating a payment with them. 

deleted!

Edited by Vogel70, 28 October 2023 - 11:15 AM.

it looks like that some old QNAPs are still getting infected, but not possible to use the decoder as people can't get the key anymore

Best way now to recover (and free) is Photorec!!

 

Hello everyone, someone knows the new link to the eCh0raix payment site

 

The previous portals are out of line

 

 

Thanks

 

 

​

 

 

 

 

 

old website is up but no one answering, so useless at the moment.. use photorec!

Recently, my NAS got encrypted. I started searching on Google and stumbled upon this topic, many people are writing that their decryptor doesn't work. I pondered for a long time what to do, didn't really want to pay, and the amount was significant for me. But my wife kept nagging me about the photos because there were children's photos and our wedding photos stored there. I decided to pay when I saw they had a 30% discount for payment. After reading the forum, I realized I was lucky that my files were decrypted, or they changed something in the decryptor