When Wesker blocks particular files on the PC or the whole system, it is important to stop further penetration and heal the infected items if that is still possible.
There is a big variety of documents and files that can be touched and blocked by Wesker ransomware. These components include Microsoft Word documents, Excel data, PowerPoint presentations, audio and video files, archives, etc. Once the data is locked, users are provided with this type of ransom-demanding message:
the Hello, dear friend Eツ
the All your work and personal files is have Been encrypted by the
the W R. The Esker ENCRYPTE
Your files is damaged are the NOT, for They are modified only. They can be decrypted.
How to decrypt files?
You have to buy special software – “Wesker Decryptor”.
The method of payment of the decryptor
 Download Tor-browser (https://www.torproject.org/download/download-easy.html)
 Install and run it
 Open the website in the Tor-browser “: Http://wesker7b27uikjn3.onion/index.php?6b1AAdbb9d737C529783cf7eec9703dA
 Follow the further instructions.
* Do not try to reinstall the OS, restore and decrypt the files yourself. All attempts will be unsuccessful.
** You can get the decryptor ONLY on the specified link.
*** If you don’t have the ability to use the Tor-browser, use the Telegram to get the actual list of web mirrors: https://t.me/tor2web_wesker
— BEGIN WESKER KEY– –
3EfCC66625B0B3C77Ed0d1135BE86B00zf79Fme9lOEqwb 5VXmSPV95FnuZZHY0 + + PWnldmJ
*** Bei CMkTFlvFj8Nw4 +
— the END Wesker the KEY —
— — the BEGIN the PC the DATA
dC504376F3a09e99a8e60C951ad9baab3u + RqddfDoA8khQ7kuYavaKvTE *** 2Q6PUa0lCm9 / a
— the END the PC the DATA —
Wesker might include a big variety of damaging features that might not be recognized from the first view. However, these threats can not only encrypt targeted files but they also might inject other infections such as trojans or spyware into the computer system. This will just harden the elimination process.