This week decryptors for three ransomware strains have been released: WannaCryFake, Yatron and FortuneCrypt. Anyone affected can now recover their files for free - the decryptors are available on the No More Ransom website. How to recognise those ransomware infections?
WannaCryFake pretends to be WannaCry, the most notorious ransomware infection, by adding extension .wannacry to encrypted files.
Yatron, which is an example of Ransomware-as-a-Service, has mostly targeted Germany, China, Russia, India and Myanmar. It adds .Yatron extension to the encrypted files.
FortuneCrypt, on the other hand, does not append any extensions to file names and the first sign of infection is a ransom screen, warning victims that in 24 hours their files will be lost if the ransom is not paid.