Do you ever face problem with Ransomware?
I never face real threat from ransomware until one of my colleague pc was infected by .npph ransomware. He reported me that something wrong with his excel files and cannot open. When I checked the files, I found their extension were changed to .npph and even though I changed the extensions back, the files could not be open.
I could not open infected files, because they were encrypted by ransomware. I checked the internet and found that the colleague pc was infected by npph ransomware which belongs to the family of Djvu ransomware. It encrypts file, modifies their filenames and creates a ransom note. I found the following note in _readme.txt file.
As written in the _readme.txt file, npph has encrypted documents with the encryption algorithm. In order to decrypt files, victim has to use a certain decryption software and unique key. It has to be purchased for $980 or $490, price depends on how fast victims response.
I find on google whether there is any third party decryption tool freely available, because my colleague is surly not afford to pay $980 or $490 to ransomer, and cyber criminals cannot be trusted that no grantee that he will get decryption tool even if he pay ransom money. I heard that they do not send any decryption tools even if victims pay a ransom. Unfortunately, I was unable to find any tool available to decrypt his encrypted files.
From what i found out, there are two types of keys which are online and offline, and it was impossible to decrypt online key, and some of offline key were found by Emisissoft, so they can be some what decrypt for free. I also found some youtube videos showing how to decrypt these files and tried but not succeed.
As he could not recover effected files, he has to remove malware inside his pc anyway. Many websites suggested to reinstall Windows OS to completely remove malware, but there are anti-malware software you can try to remove them. You have to install one of them even before you face malware problem, to prevent malware infection. Many Websites recommended Malwarebytes, which can get free.
If you face similar situation, I think my experience can help you.
You can find information about how to decrypt npph infected file at http://zap.in/2j07K. There are information about other malwares too.
You can find npph decryptor developed by Emsisoft and Michael Gillespie at http://zap.in/9GAx4 .
You can download Anti-Malware software Malwarebytes at http://zap.in/4d2b4
There is a guide to Remove npph virus and decrypt files in YouTube, but only work for Encryption with Offline key. Check http://zap.in/2ulL8
My colleague still cannot decrypt his files. If you have more advance information about npph ransomware and how to decrypt its encrypt for free, please kindly share with me.