Emsisoft's research team reports that it has uncovered a new ransomware campaign - BigBobRoss - which seems to target Comcast Business customers.
BigBobRoss is a ransomware written in C++ using QT. It uses AES-128 ECB to encrypt files, and adds the extension ".obfuscated". Some variants also prepend the victim ID to the filename. The ransom note "Read Me.txt" asks the victim to contact "BigBobRoss@computer4u.com".
The Emsisoft team reports that it was fortunately able to identify a flaw within the ransomware's code that can be used to decrypt the AES-128 ECB encrypted files without paying the ransom. The decrypter has just been released and is availalable here: