Czech security software company named Avast has introduced new decryption tool for CryptoMix Ransomware, also known under other aliases, including CryptFile2, Zeta or CryptoShield. This decryption tool works for files that were encrypted while in offline mode.
CryptoMix is a ransomware strain that was first observed in the wild back in March 2016. A few months ago it was renamed by its authors to CryptoShield, but the essence is the same. To protect against this malware, this tool works for all the victims who had their files encrypted while in offline mode, which is when the ransomware runs and encrypts a victim’s computer even when there’s no Internet connection available, thus making it impossible for the malware to reach its Command & Control server. The keys provided by Avast can be used to try and decrypt the files, but there is no guaranteed success, as with most such tools and there’s even the risk of losing the files.
Avast has warned that CryptoMix is a nasty ransomware strain that has been spreading for a while. Its code quality is pretty low compared to its competitors and it even contains flaws that may cause your files to become undecryptable. You can easily find online complaints left by victims that paid the ridiculous amounts of extortion (5-10 bitcoins ~ $5,000-$10,000) and that were left without decrypted files. To pevent against this kind of malware, kindly alert for everything you download off the Internet.