Security News > 2021 > May > Ransomware gangs' slow decryptors prompt victims to seek alternatives
Recently, two highly publicized ransomware victims received a decryptor that was too slow to make it effective in quickly restoring the victim's network.
In addition to the bugs, Wosar told BleepingComputer that ransomware operations' decryptors are "Atrociously slow", which makes them a lot less effective than restoring files from backups.
While Emsisoft's decryptor was designed for data safety, it is also much faster than ransomware gang's decryptors.
Wosar also stated that it is not unheard of for victims to be affected by multiple ransomware attacks simultaneously, which prompted Emsisoft to adapt their decryptor to be able to load in multiple decryption keys from different ransomware families and decrypt the files in one go.
Wosar agreed to allow BleepingComputer to test their decryptor against publicly available samples of Conti and DarkSide and their respective decryptors previously shared on malware analysis sites.
While these specs are grossly different than what would be used in real-life scenarios, they still allow us to gauge the difference in speed between the Emsisoft decryptor and the ones provided by ransomware gangs.