jigsaw ransomwareShort Bytes: Jigsaw ransomware is a new threat affecting the computers and demanding ransom in a scary manner. If you fail to deliver the money in time, Jigsaw keeps on deleting your files and warns you to avoid attempting anything “funny”. Fortunately, security researchers have been able to crack the ransomware and create a free tool to decrypt the infected files.

In past few years, we have seen a huge surge in the instances of ransomware reported in the wild. While some threatened to affect medical devices, others went undetected by most commonly used antivirus products in the market.

Adding its name to the list of treacherous malware, Jigsaw ransomware is here to haunt your nights by playing a scary game with you. It looks as if the maker of Jigsaw took an inspiration from the Saw movies, warning you with a familiar a creepy face of Billy.

Why is Jigsaw ransomware so scary?

After Jigsaw is able to infect your computer, you are given a 24-hours ultimatum to figure out a way to buy $150 worth of Bitcoins and send it to a particular address.

While the other ransomware start hiking the ransom as time passes by, Jigsaw ransomware goes crazy and starts deleting your files.

Just like the criminals in the movies, Jigsaw loves to throw tantrums and warns: “If you try anything funny”, Jigsaw will delete all your files.

If you show some courage and execute the tried and tested method of rebooting your system, another 1,000 files are deleted. If you wait for one more hour, some more files are deleted.

Let me warn you once more, Jigsaw is really serious about its threats. And, if you’ve waited long enough — probably as long as 72 hours — all your files will be deleted.

Calm down folks! Here’s a free tool to decrypt your files.

Thanks to the efforts made by Bleeping Computer, MalwareHunterTeam, and DemonSlay335, a new tool has been released that decrypts the ransomware for free. To decrypt your files, here are few simple steps:

  • The first step involves opening Task Manager and terminating firefox.ex and drpbx.exe processes.
  • Now run MSConfig and disable startup entry called firefox.exe that points to the executable at %UserProfile%\AppData\Roaming\Frfx\firefox.exe.

After these steps, you need to download this file (JigSawDecrypter.zip) and extract the files.

Now, double-click on the JigSawDecrypter.exe file to launch the program and hit the Decrypt My Files button.

That’s all that was needed to be done to decrypt your files. Having said that, fossBytes advises you to follow the safe security practices and hopes that you don’t become a victim of any kind of malware.

Did you find this article interesting? Share your views in the comments below.