One of the things that made OSX/Filecoder.E (which is also known as Patcher or Filezip) notable as malware was not just that it targeted Mac users, but also that – even if you gave in to the attackers’ ransom demands – there was no way for your encrypted data to be recovered.
Well, a week can be a long time in malware – and as Thomas Reed of MalwareBytes reports there is some hope for macOS users who have fallen victim to an attack:
For those who get infected with Findzip (aka Filecoder), it’s still true that the hackers behind it can’t give you a key to decrypt it. There’s no honor among these particular thieves, as they’re lying about their ability to help if you pay the ransom.
However, all hope is not lost! If you made the mistake of not having a backup, or if your backup was also compromised by the ransomware, there’s still a chance for you to recover.
The technique for recovery is clearly quite fiddly and involved, but if you were unlucky enough to have been hit by an OSX/Filecoder.E infection it may be your best hope.
Of course, we all should remember that when it comes to ransomware prevention is better than cure.
That means keeping your computer patched with the latest security updates, running an up-to-date anti-virus solution, and maintaining secure backups beyond the reach of online criminals.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.