Closed Ryuu-Naisho closed 3 years ago
It is about ransomware named Mamba, and it is not about DiskCryptor. Mamba just bundles open sourced DiskCryptor for its own needs.
If you run some shit software it can use LUKS, DiskCryptor, VeraCrypt, or any own encryption. It is totally up to you - do not run shit software on your PC.
It is not related to DiskCryptor.
In future builds of DC I'll include a code signature verification for the user mode components such that a 3rd party software will not be able to issue directives to the original Driver hence a malware author will need to compile hiss own driver and find a way to get MSFT to sign it.
Don't install. Once you finish installing DiskCryptor, it requests to restart your computer. Upon restarting, Drive C is encrypted and two hours later, it will ask you to pay to unencrypt. If this happens to you, don't pay. Just do a factory reset and say goodbye to your files unless you know how to unencrypt it without paying.
Check this for more information. https://www.ic3.gov/Media/News/2021/210323.pdf