Victims of the latest strain of Globe ransomware can now unlock their files without paying out money to cybercriminal extortionists, thanks to a newly released and free-to-use decryption tool.
As its name suggests, Globe3 is the third incarnation of Globe ransomware, which first appeared in summer 2016.
Globe and Globe2 have successfully infected numerous targets with high profile victims including a group of UK hospitals which were forced offline by a Globe2 ransomware infection and had to cancel 2,800 patient appointments as a result.
Free decrypters for Globe and Globe2 have previously been released, and are available as part of the No More Ransom free decryption tool project. However, while this was beneficial to victims of this ransomware strain, it has led to criminals developing a new version, Globe3.
Cybersecurity researchers at Emsisoft spotted the new variant around the turn of the New Year. Globe3 has been tweaked to allow perpetrators to customise the ransomware depending on the targets they want to infect. It notably allows users to demand larger ransoms when targeting enterprise networks, which have become increasingly lucrative targets for ransomware pushing cybercriminals.
Constructed using a Globe ransomware builder, users are able to build numerous different variants of Globe3. If infected with this latest strain, users can recognise they've become a victim because extensions of files will have been changed to .decrypt2017 or .hnumkhotep.
Like most other forms of ransomware, Globe3 demands that the victim pays a bitcoin ransom in order to regain access to their files and also warns that attempting to self-decrypt the locked files will result in the destruction of the data.
However, Emsisoft researchers have managed to find a way to recover Globe3 encrypted files and have released a free tool capable of decrypting "all possible variants" of Globe3 that can currently be produced by the cybercriminal tool. Users affected by Globe3 can download the free decrypter from here.
Ransomware has boomed during 2016, with the cost of ransomware attacks amounting to to amount to more than $1 billion during the year.
Unfortunately, ransomware doesn't show any signs of slowing down and it's likely to only become a bigger problem during 2017.
Read more on cybercrime
- Remove ransomware infections from your PC using these free tools
- Progress in ransomware battle remains murky despite industry efforts [TechRepublic]
- Easy to carry out, difficult to fight against: Why ransomware is booming in 2016
- This ransomware targets HR departments with fake job applications
- Europol, Intel and Kaspersky team up to crack down on ransomware [CNET]