Security researchers released a decryptor that allows Planetary ransomware victims to retrieve their files for free.
The decryptor, released by Emsisoft, asks the victim to have a copy of the ransom note that 'left' hacker. It is not difficult to find. Planetary ransomware, which earns its name for the use of planet-related file extensions, including ".Pluto" and ".Neptune," places a copy of its message in each folder where it encrypts files while doing the same thing on the desktop of infected devices.
The note tells them to contact via email with "email@example.com" or with "recoverydata @ india.com", which you will see on the screenshot below. The hackers then promise to send a decryptor as soon as the victims pay them.
Victims should download the decryptor, a link that is available from the Bleeping Computer and store it on their desktop. Then you have to run the decryptor with rights admin. This will ensure that the tool can recover all files affected by the ransomware.
As soon as they run the decryptor, they will be asked to choose a "ransom note" and click the "Start" button. The utility will then use this "ransom note" to display the decryption key used by ransomware to encrypt the victim's files. At this point, the user can enter this decryption key on the screen, select all the units that he would like to decrypt and click on the "Decrypt" button. This will cause the program to search the computer for the related file extensions used by ransomware and, in turn, to decipher them.