Data encrypted, globeimposter 2.0 ?

Hello,

i got a serious Problem. Our Systems got encrypted, and now i don't know how to recover.

The on site synology Nas systems behaive like there no Operating system on them, the Windows systems got the how_to_back_files.html file with the attached content.

anyone got advice for me?

Kind regards Peter

Unfortunately, there is no known method that I am aware of to decrypt files encrypted by any GlobeImposter 2.0 variants without paying the ransom (not advisable) and obtaining the private encryption keys from those who created the ransomware unless they are leaked or seized & released by authorities. The criminal's master private key is needed for decryption. Without the criminal's master private key, decryption is impossible. That usually means the key is unique (specific) for each victim and generated in a secure way (RSA, AES, Salsa20, ChaCha20, EDA2, ECDH, ECC) that cannot be brute-forced...the public key alone that encrypted files is useless for decryption. Even if you're willing to pay ransom demands, sometimes you may not be able to do so if the criminals abandon the TOR site in their ransomware notice. 

There is an ongoing discussion in this topic where victims can post comments, ask questions and seek further assistance. Other victims have been directed there to share information, experiences and suggestions.

• GlobeImposter Ransomware Support Topic (.Crypt & .PSCrypt ext - !back_files!.html)

Rather than have everyone with individual topics, it would be best (and more manageable for staff) if you posted any more questions, comments or requests for assistance in the above support topic discussion...it includes experiences by experts, IT consultants, victims and company representatives who have been affected by ransomware infections. To avoid unnecessary confusion, this topic is closed.
 
Thanks
The BC Staff