ESET Releases Update of Decryption Tool for Victims of the Crysis Family Ransomware

Today, ESET has released an updated version of its free decryptor for ransomware victims. Anyone whose data or devices have been hit by the Crysis family, (detected by ESET as Win32/Filecoder.Crysis) – now adding  the .dharma extension, can now get their files back for free.

The tool has been updated with master decryption keys recently released via a forum at BleepingComputer.com – mirroring the same key release scenario seen in November 2016 for older variants of this malware.

With the current update, ESET’s decrypting tool can help victims of six unique variants of this specific ransomware family. Each of them is identifiable by the use of a specific extension: .xtbl, .crysis, .crypt, .lock, .crypted, and .dharma.

The Crysis malware family began gaining prominence after one of its main “competitors”, TeslaCrypt, ceased operations in the first half of 2016. Since then, ESET’s free decryption tools for those two families of malware have been downloaded by more than 50.000 users around the globe.

If you have been a victim of Crysis ransomware, you can find and download the free ESET Crysis decryptor from our free utilities page. If you need additional information on how to use the tool, please refer to ESET Knowledgebase.