How to recover from the OSX/Filecoder.E ransomware on your Mac

Buggy ransomware didn't offer a method of recovery even if you paid the extortionists. Until now.

How to recover from the FileCoder ranso

Last week I warned of the OSX/Filecoder.E ransomware that had been discovered by researchers at ESET, after it was distributed via BitTorrent distribution sites as cracks for pirated software.

One of the things that made OSX/Filecoder.E (which is also known as Patcher or Filezip) notable as malware was not just that it targeted Mac users, but also that - even if you gave in to the attackers’ ransom demands - there was no way for your encrypted data to be recovered.

Well, a week can be a long time in malware - and as Thomas Reed of MalwareBytes reports there is some hope for macOS users who have fallen victim to an attack:

For those who get infected with Findzip (aka Filecoder), it’s still true that the hackers behind it can’t give you a key to decrypt it. There’s no honor among these particular thieves, as they’re lying about their ability to help if you pay the ransom.

However, all hope is not lost! If you made the mistake of not having a backup, or if your backup was also compromised by the ransomware, there’s still a chance for you to recover.

Nice work.

The technique for recovery is clearly quite fiddly and involved, but if you were unlucky enough to have been hit by an OSX/Filecoder.E infection it may be your best hope.

Of course, we all should remember that when it comes to ransomware prevention is better than cure.

That means keeping your computer patched with the latest security updates, running an up-to-date anti-virus solution, and maintaining secure backups beyond the reach of online criminals.

Tags: , , , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , , ,

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.