Smock Ransomware ([ID random 8]<email>.SMOCK, .SMOK, .MEHRO, .ciphx) Support

Some encrypted files

Edited by glicinio, 08 October 2024 - 06:51 AM.

Some encrypted files

Most likely, I can help you

 

Some encrypted files

Most likely, I can help you

 

can you explain how i decrypt the files??

can you explain how i decrypt the files??

Here are your decrypted files

wow, nice i have incrypted databases how can i decrypt them

thank you in advance

wow, nice i have incrypted databases how can i decrypt them

 

thank you in advance

 

 

maybe if i pay....

If you pay you support the malware creators, I believe one of the mods has some information about why you shouldn't pay.

rivitna is not one of the malware creators, but he can help with decryption in some cases.

glicino should contact him by PM for the possibility of further help, since rivitna  has already been able to decrypt some of his files.

rivitna does not ask for payment.

maybe if i pay....

Sorry, I'm not doing decryption anymore.

It takes a lot of time and effort.
I don't have any free time.

 

maybe if i pay....

Sorry, I'm not doing decryption anymore.

It takes a lot of time and effort.
I don't have any free time.

 

No problem, I didn't expect someone to decrypt it, at least for free

As with most ransomware the best solution for dealing with encrypted data after an infection is to restore from backups that have been isolated (offline) to a device not always connected to the network or home computer so they are unreachable. The only reliable way to effectively protect your data and limit the loss with this type of infection is to have an effective backup strategy. Without having safely stored backups to restore from, in most cases your data is likely lost forever.
 
With that said...in cases where there is no free decryption tool (or a previous tool/decryption method no longer works for newer variants), restoring from back ups is not a viable option and file recovery software does not work, the only other alternative to paying the ransom (which is not advisable) even if you can reach the criminals to pay is to backup/save your encrypted data as is and wait for a possible solution at a later time...meaning, what seems like an impossibility at the moment (decryption of your data), there is always hope someday there may be a potential solution.

I'm a victim too of this SMOKE thing.

While resarching I found the following Website :

https://phobosdecryptor.ru/smock-ransomware/

They want 500 USDTS !

What do you think about ?

What do you think about ?

 

A extortion gang from Ukraine pretends to be Russian extortionists.

The telephone codes +44 belong to the UK. Ingenious! (=super idiocy!)

Edited by Amigo-A, 18 October 2024 - 11:36 AM.

https://phobosdecryptor.ru/smock-ransomware/

 

What do you think about ?

They write about things they don't understand (-:

I'm a victim too of this SMOKE thing.
While resarching I found the following Website :
 
https://phobosdecryptor.ru/smock-ransomware/

Ransomware victims should ignore all Internet web searches which provide numerous links to bogus and untrustworthy ransomware removal guides, including Facebook and YouTube videos, many of which falsely claim to have decryption solutions. After expert researchers write about new ransomware variants, junk articles with misinformation are quickly written in order to scare, goad or trick desperate victims into using or purchasing mostly sham removal and decryption software. In some cases, unsuspecting victims may actually be downloading a malicious file or fake decryptor that makes the situation even worst. Only use trusted sources when searching for information.