Good news for the TargetCompany victims, Czech cybersecurity software firm Avast has recently released a free decryptor tool that will facilitate victims of the TargetCompany (Tohnici) ransomware in recovering files without paying the ransom demand. 

Initially discovered in June 2021, the Tohnici ransomware group has wreaked havoc on its victims ––companies and consumers alike, despite being one of the smaller ransomware gangs that are active presently. 

The Czech cybersecurity has confirmed that it has created the app, called a decrypter after one of its customers was breached by the ransomware attack and needed a way to recover their files. However, the organization has warned its customers that the free utilities (decryptor tools) are limited; the features can only be used to recover encrypted files “under certain circumstances.” 

The firm further said that the victims who want to recover their files should keep in mind that the process of recovering files is resource-intensive and time-consuming too. 

“During password cracking, all your available processor cores will spend most of their computing power to find the decryption password. The cracking process may take a large amount of time, up to tens of hours...,” Avast said. "...On the final wizard page, you can opt-in whether you want to backup encrypted files. These backups may help if anything goes wrong during the decryption process.” 

In order to bring the decrypter tool, Avast reported to the press that it has reverse-engineered the TargetCompany ransomware, and its novel encryption scheme has been made up of a mix between the ChaCha20, AES-128, and Curve25519 algorithms. 

If you are the victim of the TargetCompany ransomware attack, you can recover your files without paying anything. Just download the decryption tool from Avast’s servers (64-bit or 32-bit) and both servers will work for versions of the TargetCompany ransomware that encrypted files with the architek, brg, exploit, and mallox file extensions.