Talos security researchers have developed a new decryption tool that victims could potentially use to recover files locked by PyLocky ransomware.
According to Talos, the PyLocky family of ransomware is written in Python and masquerades as a Locky ransomware variant.
The free Talos decryption tool does come with some caveats. Talos noted that the tool will only work “to recover the files on an infected machine where network traffic has been monitored.”
“If the initial C2 traffic has not been captured, our decryption tool will not be able to recover files on an infected machine. This is because the initial callout is used by the malware to send the C2 servers information that it uses in the encryption process,” Talos added.
Ransomware victims should not pay ransoms if at all possible. Instead, organizations should restore from backups if their files can’t be decrypted.