A decryptor for a Donex ransomware, also known under the name of Muse, DarkRace and LockBit 3.0, has been released by Avast specialists. They used a flaw in the cipher known for almost half a year to help with decryption privately, and now make the decryptor tool available to everyone. This is yet another ransomware… Continue reading Donex, DarkRace, fake LockBit 3.0 and Muse Ransomware Decryptor Released
Tag: Decryption keys
Tortilla (Babuk) Ransomware Decryptor Available
On January 9, 2024, Avast and Cisco Talos announced the release of a free decryptor for one of the Babuk ransomware variants – Tortilla. Analysts ensure that all the victims of the said threat actor can use the decryptor to get their files back. That is the second ransomware strain to get the decryptor in… Continue reading Tortilla (Babuk) Ransomware Decryptor Available
Black Basta Ransomware Free Decryptor Available
SRLabs researchers published a free decryptor for BlackBasta ransomware. They discovered the vulnerability in the way malware handles the encryption process and found the way to recover the encryption key and get the files back. The decryptor is called Black Basta Buster and is available for free on the devs’ GitHub page. Black Basta Decryptor… Continue reading Black Basta Ransomware Free Decryptor Available
Unit221b Secretly Helped Victims of Zeppelin Ransomware for 2 Years
Security professionals at Unit221b found vulnerabilities in the Zeppelin ransomware encryption mechanism. Experts managed to use them to create a working decryptor that they have been using since 2020 to help victim companies recover files without paying the attackers a penny. The work was carried out covertly so hackers would not find out about vulnerabilities… Continue reading Unit221b Secretly Helped Victims of Zeppelin Ransomware for 2 Years
Decryption keys for Maze, Egregor and Sekhmet ransomware were posted on the Bleeping Computer forum
The Bleeping Computer forum published master keys for decrypting data affected by Maze, Egregor and Sekhmet ransomware attacks. Apparently, the keys were “leaked” by one of the developers of the malware. Journalists remind that the Maze ransomware has been active since May 2019 and quickly gained wide popularity, as its operators first came up with… Continue reading Decryption keys for Maze, Egregor and Sekhmet ransomware were posted on the Bleeping Computer forum