decrypting Ransome ware n1n1n1n1

Hi one of our new clients got hit with Ransomeware  type n1n1n1n1 varient. some of their data was not backed up and wasn't critical. this is now critical and we wonder is it possible to decrypt it, where or how would one go about doing this
Thanks again for your help
LVL 1
ZuluGuru777Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
The chances of decrypting newer ransomware variants are very low. Ransomware is spread via email and users need to be trained not to open email from strangers. Then make sure good backups exist.

The general recommendation here is not to pay ransom. Some have, and have been successful. Others have paid and got nothing.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
John TsioumprisSoftware & Systems EngineerCommented:
Just go to the Kaspersky Anti ransomware and hope for the best...usually if you have some patience a decryptor tool that matches your ransomware will be released..
0
Scott CSenior EngineerCommented:
Or you can just pay the ransom.  Most everybody on this site will tell you to NOT do that as it just encourages the criminals to continue.  However, it is up to YOU to determine if the data is valuable enough to pay the ransom in order to recover it.
0
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

John TsioumprisSoftware & Systems EngineerCommented:
The ugly thing with ransomware is that there is absolutely not guaranty that if you pay the ransom they will definitely give you the key.....so although its way too hard to accept you just lost everything the more people refuse to pay the ransom the less interest there would be to infect people with ransomware...The proposed solution is to replace the infected disk and  put a the infected disk in a drawer and periodically check if a decryptor has being released...
0
btanExec ConsultantCommented:
Suggest you use IDRansom (https://id-ransomware.malwarehunterteam.com/) to identify the exact family and see if decryptor tool is available.

I have also listed out a long list of decryptor in Annex in the EE article.
https://www.experts-exchange.com/articles/28059/TL-DR-Ransomware-Infected.html

As a whole chances are low if backup is not available. It is best effort and advice user not to pay ransom even if it is so critical and need to know that it may not even be warranty to work if paid ransom.
0
btanExec ConsultantCommented:
suggest the points be evenly shared
0
btanExec ConsultantCommented:
Answers are similarly shared
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Disaster Recovery

From novice to tech pro — start learning today.