Thursday, June 19, 2025

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Creators Network
    • Latest Posts
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
SBN News Security Bloggers Network 

Home » Cybersecurity » SBN News » Planetary Ransomware Victims Can Now Recover Their Files for Free

SBN

Planetary Ransomware Victims Can Now Recover Their Files for Free

by David Bisson on April 8, 2019

Security researchers have released a decryptor that enables victims of the Planetary ransomware family to recover their files for free.

Released by Emsisoft, this decryptor requires a victim to have a copy of the ransom note. It’s not hard to find. Planetary ransomware, which earns its name for its use of planet-related file extensions including “.Pluto” and “.Neptune,” places a copy of its message in each folder in which it encrypted files as well as on the desktop of the infected machine.

Techstrong Gang Youtube
AWS Hub

The ransom note demands that victims contact either “recoverymydata@protonmail[dot]com” or “recoverydata@india[dot]com” with their personal ID, which is obscured in the Bleeping Computer screenshot provided below. The attackers then promise to send over a decryptor once they’ve received payment from the victims.

Screenshot of the Planetary ransom note. (Source: Bleeping Computer)

Victims should download the decryptor, a link for which is available through Bleeping Computer, and save it to their machine’s Desktop. They should then run the decryptor with admin privileges. This will ensure that the tool can recover all of the files affected by the ransomware.

When they run the decryptor, the tool will ask the victims to select a ransom note and click “Start.” The utility will then use that ransom note to display the decryption key used by the ransomware to encrypt the victim’s files. At that point, the user can enter that decryption key into the decryptor screen, select any drives they’d like to decrypt and click the “Decrypt” button. Doing so will cause the program to search the computer for relevant file extensions used by the ransomware and, in turn, decrypt them.

It’s possible that those behind Planetary ransomware could plug whatever vulnerability which Emsisoft exploited to create its decryptor in the first place, thereby rendering its free tool ineffective. Given (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/free-decryptor-planetary-ransomware/

April 8, 2019April 8, 2019 David Bisson Cyber Security, decryptor, Latest Security News, planetary, Ransomware
  • ← Migrating Acunetix On-Premise to Another Server
  • Here we go again – third-party app leaks sensitive Facebook data through AWS S3! →

Techstrong TV

Click full-screen to enable volume control
Watch latest episodes and shows

Tech Field Day Events

Upcoming Webinars

How to Spot and Stop Security Risks From Unmanaged AI Tools

Podcast

Listen to all of our podcasts

Press Releases

GoPlus's Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Subscribe to our Newsletters

ThreatLocker

Most Read on the Boulevard

Hacktivists Strike Within Minutes of Israel Missile Attacks on Iran Nuclear Sites 
Novel TokenBreak Attack Method Can Bypass LLM Security Features
Washington Post Journalists’ Microsoft Email Accounts Hacked
Trump’s TikTok Tarry — Yet Again, Ban-Can Kicked Down the Road
U.S. Moves to Collect $7.74 Million Tied to N. Korea IT Worker Scam
Guardrails Breached: The New Reality of GenAI-Driven Attacks
Cities of the Future or Hacker’s Paradise? The Cybersecurity Risks of Smart Cities
EU AI ACT
MY TAKE: Microsoft takes ownership of AI risk — Google, Meta, Amazon, OpenAI look the other way
Are Your Cloud Secrets Safe From Threats?

Industry Spotlight

Iran Reduces Internet Access After Israeli Airstrikes, Cyberattacks
Blockchain Cloud Security Cybersecurity Data Security Digital Currency Featured Identity & Access Incident Response Industry Spotlight Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence Threats & Breaches 

Iran Reduces Internet Access After Israeli Airstrikes, Cyberattacks

June 18, 2025 Jeffrey Burt | Yesterday 0
Trump’s TikTok Tarry — Yet Again, Ban-Can Kicked Down the Road
Analytics & Intelligence Cloud Security Cyberlaw Cybersecurity Data Privacy DevOps Endpoint Featured Governance, Risk & Compliance Humor Industry Spotlight Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches 

Trump’s TikTok Tarry — Yet Again, Ban-Can Kicked Down the Road

June 18, 2025 Richi Jennings | Yesterday 0
Novel TokenBreak Attack Method Can Bypass LLM Security Features
Cloud Security Cybersecurity Data Privacy Data Security Featured Identity & Access Industry Spotlight Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence Vulnerabilities 

Novel TokenBreak Attack Method Can Bypass LLM Security Features

June 17, 2025 Jeffrey Burt | 2 days ago 0

Top Stories

Google’s $32 Billion Acquisition of Wiz Draws DoJ Antitrust Probe: Report
Cybersecurity Featured News Security Boulevard (Original) Social - X Spotlight 

Google’s $32 Billion Acquisition of Wiz Draws DoJ Antitrust Probe: Report

June 19, 2025 Jon Swartz | 46 minutes ago 0
AWS Makes Bevy of Updates to Simplify Cloud Security
Cloud Security Cybersecurity Featured News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight 

AWS Makes Bevy of Updates to Simplify Cloud Security

June 18, 2025 Michael Vizard | Yesterday 0
U.S. Moves to Collect $7.74 Million Tied to N. Korea IT Worker Scam
Cloud Security Cybersecurity Data Privacy Data Security Featured Identity & Access Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence 

U.S. Moves to Collect $7.74 Million Tied to N. Korea IT Worker Scam

June 17, 2025 Jeffrey Burt | 2 days ago 0

Security Humor

Randall Munroe’s XKCD ‘Good Science’

Randall Munroe’s XKCD ‘Good Science’

Download Free eBook

The State of Cloud Native Security 2020

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Creators Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2025 Techstrong Group Inc. All rights reserved.
×