Hi everyone, i have been hit bye the .mkp ransomware.
Searching online i found out your forum and i want to ask you all a thing:
is hxxps://stopdjvudecryptor.ru/ good?
Does anyone tried to decrypt with it?
They ask 500$ in bitcoin, and as far as i know is not the best metod to make a payment for service ---> scamm vibes...
the thing is: they decrypt my test file with success and i dont know if is right to proceed.
The Emsisoft STOP Djvu Decryptor is only intended for victims of STOP (Djvu) Ransomware and should only be downloaded from a trusted source. You are dealing with an entirely different infection (Makop-Oled Ransonware).
Ransomware victims should always ensure they have properly identified the ransomware AND are using the correct decryptor tool before attempting to decrypt their files. Using a faulty (malfunctioning, defective) or incorrect decryptor (one intended for another specific type of ransomware) may cause additional damage and corrupt the encrypted files, thus decreasing your chances for recovering data.
Ransomware victims should ignore all Internet web searches which provide numerous links to bogus and untrustworthy ransomware removal guides, including Facebook and YouTube videos, many of which falsely claim to have decryption solutions. After expert researchers write about new ransomware variants, junk articles with misinformation are quickly written in order to scare, goad or trick desperate victims into using or purchasing mostly sham removal and decryption software. Victims may be directed to download a multitude of unnecessary and useless tools. In some cases, unsuspecting victims may actually be downloading a malicous file or fake decryptor resulting in double (multiple) encryptions that makes the situation even worst. Further, your personal and financial information are also at risk when dealing with scammers. Only use trusted sources when searching for information.
As for the link you provided...Bleeping Computer cannot vouch for those who claim they can decrypt data or help in other ways. We have have no way of knowing the background, expertise and motives of all companies or individuals who indicate decryption is possible. We have no way of vetting whether a person has a true technical method of recovering files, is scamming users by just paying ransoms for the key, or are the ransomware operators themselves. We advise everyone to be cautious with whomever you are dealing with, what services they are able to provide and what claims they make before sending money or paying a fee to anyone.
Data recovery services typically act as a "middleman", pay the criminals...pretend they cracked the decryption and charge the victim more than the ransom demands, in many cases not telling them that is how they acquired the means of decryption. Others hide the actual ransom cost from clients and mark the cost up exponentially as noted here. Many of them instruct victims to submit one or two limited size files for free decryption as proof they can decrypt the files with claims of 100% guaranteed success, collect the victim's money and are never heard from again. The criminals behind creating and spreading ransomware do the same.
Please read my comments in this topic (Post #675) for information as to what we know about those who claim they can decrypt data including using and paying data recovery services.
Back to top
