Site icon Emsisoft | Cybersecurity Blog

Emsisoft releases new decryptor for Muhstik ransomware

Muhstik Decryptor

Muhstik Decryptor

We just released a new decryption tool for the Muhstik ransomware strain. You can download the FREE decryption tool linked below. A detailed guide is also included.

Emsisoft Decryptor for Muhstik

Technical details

Muhstik is a strain of ransomware that encrypts files on compromised QNAP systems using AES-256, and adds the extension “.muhstik” to files.

The ransom note “README_FOR_DECRYPT.txt” contains the following text:

All your files have been encrypted.

You can find the steps to decrypt them in any the following links: http://13.234.89.185/.unlock/payment/[redacted ID] Could go offline at any time http://51.38.231.30/.unlock/payment/[redacted ID] Could go offline at any time

Or use TOR link, guaranteed Online 100% of the time: http://5mngytmdpeyyp6xk.onion/payment/[redacted ID] Use TOR browser to access .onion websites. https://duckduckgo.com/html?q=tor+browser+how+to

Do NOT remove this file and DO NOT remove last line in this file!

Your ID: [redacted ID]

Emsisoft Enterprise Security + EDR

Robust and proven endpoint security solution for organizations of all sizes. Start free trial

Successful decryption of Muhstik

Regardless of what the ransom note might say, our decryption tool can help you recover your files for free. Please get in touch with our support team if you have any questions.

Exit mobile version