Newly Developed OG3 Patcher Decrypts Operation Global III (OG3)

Newly Developed OG3 Patcher Decrypts Operation Global III (OG3)

Nathan Scott, a malware researcher, has just developed a tool against the crypto-malware Operation Global III (OG3), so that victims will not have to pay the ransom in order to get their files back.

What Is OG3?

Like typical ransomware, once OG3 infects your computer, it encrypts the data inside so that you are no longer able to access it until you pay a ransom fee. The requested fee, in this case, is $250 USD in Bitcoins. Although this ransomware program is pretty basic, it can not only encrypt your files, but it blocks you from using your computer via a lock screen. It also acts like a virus – infecting your files via spreading malicious codes.

In addition, the ransom message that appears on the infected computer screen claims to be sent from the law enforcement due to copyright infringement.

The way OG3 activates itself is by changing your pictures and other documents’ extensions to .exe which automatically makes them inaccessible anymore. If you try to open any of these files, OG3 displays a full-screen ransom message demanding a pay or else – these files will be removed from your hard disk.

How Does OG3 Patcher Work?

OG3 may be dangerous indeed, but apparently it is not quite professionally developed as malware researchers (Nathan Scott) managed to come up with a decryption tool against it.

Scott found out that the decryption keys of OG3 were, in fact, located inside the encrypted file. He then quickly managed to develop a tool to reverse the process. It also appeared that the simple combination of Alt+Tab keys allowed the user to switch to opened apps and thus – to download the tool became fully possible.

OG3 Patcher automatically starts decrypting your files if the infection on your computer is currently running. Once it unlocks your files, it makes changes to the OG3 ransomware in a way that the infection will no longer be able to enter your system.
Keep in mind that that you could always use the OG3 decryption tool in case you have your files’ extensions changed to .exe.