Decrypt Your Files For Free

Unlock your files, with out decryption Keys for over 140 types of ransomware. Have you been locked out of your files by ransomware? We want to help you decrypt your data with opensource ransomware file decryption tools developed by trusted top software companies. 

Photo by: Triton Computer Corp

How does Ransomeware work?

Ransomware works by locking you out of your computer or mobile device or it encrypts your computer data. In order to unlock or decrypt your data they ask you to pay a ransom with a crypto currency. 

We  recommend that you do not pay the ransom as it is not a guarantee that your data will be successfully unencrypted. We also do not recommend paying the ransom as it encourages the threat actors to continue  their activity.

This service is free, but we do have recommended antivirus software that you should purchase to remove the ransomware, before decryption. We may receive compensation from our Antivirus Partners when you purchase though links on this website.

How does Go Decrypt work?

Go Decrypt is a services to walk you through the steps to recover your files from ransomware without paying the ransom*. We offer an index of open source ransomware decryption keys, to help decrypt your computer from of 90+ types of ransomware for free.

To Get Started Head Over to Go Decrypt to get started.

*It is generally advised not to pay the ransom as it may not lead to you receiving a decryption key, and it encourages the threat actors to keep attacking people with ransomware.

Ransomeware FAQ's

Frequently asked question about ransomware. What it is, how it works and much more.

  • Encryption Ransomware
It encrypts personal files and folders (documents, spread sheets, pictures, and videos). The affected files are deleted once they have been encrypted, and users generally encounter a text file with instructions for payment in the same folder as the now-inaccessible files. You may discover the problem only when you attempt to open one of these files. Some, but not all types of encryption software show a ‘lock screen’.
  • Lock Screen Ransomware — WinLocker
It locks the computer’s screen and demands payment. It presents a full screen image that blocks all other windows. No personal files are encrypted.
  • Master Boot Record (MBR) Ransomware
The Master Boot Record (MBR) is the part of the computer’s hard drive that allows the operating system to boot up. MBR ransomware changes the computer’s MBR so that the normal boot process is interrupted. Instead, a ransom demand is displayed on the screen.
  • Ransomware encrypting web servers
It targets webservers and encrypts a number of the files on it. Known vulnerabilities in the Content Management Systems are often used to deploy ransomware on web services.
  • Mobile device ransomware (Android)
Mobile devices (mostly Android) can be infected via “drive-by downloads”. They can also get infected through fake apps that masquerade as popular services such as Adobe Flash or an anti-virus product.

Paying the ransom is never recommended, mainly because it does not guarantee a solution to the problem. There are also a number of issues that can go wrong accidentally. For example, there could be bugs in the malware that makes the encrypted data unrecoverable even with the right key.

In addition, if the ransom is paid, it proves to the cybercriminals that ransomware is effective. As a result, cybercriminals will continue their activity and look for new ways to exploit systems that result in more infections and more money on their accounts.

A ransomware attack is typically delivered via an e-mail attachment which could be an executable file, an archive or an image. Once the attachment is opened, the malware is released into the user’s system. Cybercriminals can also plant the malware on websites. When a user visits the site unknowingly, the malware is released into the system.
The infection is not immediately apparent to the user. The malware operates silently in the background until the system or data-locking mechanism is deployed. Then a dialogue box appears that tells the user the data has been locked and demands a ransom to unlock it again.  By then it is too late to save the data through any security measures.
For more information please see the video below:

Any consumer and any business can be a victim of ransomware. Cybercriminals are not selective, and are often looking to hit as many users as possible in order to obtain the highest profit.

Indeed, on the grounds that cybercriminals realize that associations are bound to pay as the information held hostage is normally both delicate and imperative for business coherence. Likewise, it can now and then be more costly to restore backups than to pay a ransom.

Ransomware is on the rise – there are now more than 50 families of this malware in circulation — and it’s evolving quickly. With each new variant comes better encryption and new features. This is not something you can ignore!

One of the reasons why it is so difficult to find a single solution is because encryption in itself is not malicious. It is actually a good development and many benign programs use it.

The first crypto-malware used a symmetric-key algorithm, with the same key for encryption and decryption. Corrupted information could usually be deciphered successfully with the assistance of security companies. Over time, cybercriminals began to implement asymmetric cryptography algorithms that use two separate keys — a public one to encrypt files, and a private one, which is needed for decryption.

The CryptoLocker Trojan is one of the most famous pieces of ransomware. It also uses a public-key algorithm. As each computer is infected it connects to the command-and-control server to download the public key. The private key is accessible only to the criminals who wrote the CryptoLocker software. Usually, the victim has no more than 72 hours to pay the ransom before their private key is deleted forever, and it is impossible to decrypt any files without this key.

So you have to think about prevention first. Most antivirus software already includes a component that helps to identify a ransomware threat in the early stages of infection, without occurring the loss of any sensitive data. It is important for users to ensure that this functionality is switched on in their antivirus solution.

Go Decrypt is a new serve to help fight the growth of ransomware. As we grow we help to save users money, and fight back againt ransomware.

We get our tools and data from The No More Ransom Organization.

It’s best to double check to make sure you are using the right decrypting tool for your files. 

In some instances there is only a subset of the decryption keys, so you will need to check back for updates.

It is possible in the following cases:

  • The malware authors made an implementation mistake, making it possible to break the encryption. That was the case with the Petya ransomware and with the CryptXXX ransomware.
  • The malware authors feel sorry about their actions and publish the keys, or a “master key”, as in the TeslaCrypt case.
  • Law enforcement agencies seize a server with keys on it and share them. One such example is CoinVault.

Sometimes paying the ransom also works, but there is no guarantee that paying will actually lead to your files being decrypted. In addition, you’re supporting the criminal’s business model and thus are partly responsible for more and more people getting infected with ransomware.

Remove Ransomware Before Decryption

It’s important to use a reputable Antivirus to remove the ransomware before decryption. If you do not, you file will keep being encrypted.

Scroll to top