A cryptographer has been released for ransomware ThunderX, by the company cybersecurity Tesorion, which allows victims to recover their files for free.
ThunderX is a relatively new ransomware that was activated at the end of August 2020. This week, however, the Dutch company Tesorion managed to find a flaw in the ransomware encryption so that victims could decrypt their files without paying a ransom.
This cryptographer can to decrypt files encrypted by the current version of ThunderX ransomware and have the extension .tx_locked, as shown below.
To use the decryptor, you will also need to upload one copy of the readme.txt file containing the ransomware instructions, as well as an encrypted file so that a key decryption.
To decrypt your data download the Tesorion ThunderX Ransomware decoder and run it. When asked, agree to the license agreement.
Click File> Open and select the readme.txt file that contains the ransom note. Then press «Send»To upload the file to Tesorion.
You will now be prompted to upload an encrypted file. Follow the instructions and upload a PPTX, DOCX, XLSX or ZIP file.
Once you have uploaded the files, Tesorion Servers will try to identify your decryption key. This process can take a long time, so please be patient.
When you are finished, an encryption key will be automatically uploaded to the decryptor and you will be prompted to select a folder to decrypt.
To select a folder, click the select button and select the root folder of one unitdrive (C:, D:, etc.) or a specific folder.
Then press the «decrypt»To decrypt all files in this folder and its subfolders.
When you have completed the decryption, you will see a summary showing the number of files that have been decrypted and those that have problems.
