In brief: Cybersecurity firm Bitdefender has released a new tool to help MegaCortex ransomware victims unlock their files, which is good news for those who have had files locked down for years.
MegaCortex surfaced in 2019 as a purpose-built ransomware targeting corporate networks that used domain controllers to spread. According to The Malware Wiki, MegaCortex encrypted user files with AES encryption. A read-me file accompanying infections indicated that the only way to restore access to locked data is with a private key that victims would need to purchase from the hackers.
Fast-forward to October 2021, when authorities arrested a dozen individuals linked to more than 1,800 ransomware attacks across 71 countries. According to TechCrunch, police spent months combing through data collected during the arrests. They eventually found individual decryption keys that were used to create and release a tool last September to unlock files impacted by the LockerGoga ransomware.
Additional keys discovered by law enforcement led to the development of this new tool for the MegaCortex ransomware.
Interested parties can grab the MegaCortex unlocker over on Bitdefender’s website. They’ve also published a step-by-step tutorial on how to use it in both single-computer and network modes. Notably, if your files are encrypted with versions 2-4 of the ransomware, you will need to make sure the system contains a copy of the ransom note. If you were hit with V1, you will need the note and the TSV log file created by the ransomware to use the unlocking tool.
Alternatively, the tool is also available from No More Ransom. The site plays host to unlocking tools for more than 170 pieces of ransomware and variants, including well-known examples like REvil and Ragnarok.
Most security experts advise victims not to pay a ransom. Sending money only confirms that the ransomware works, and there’s no guarantee that you will get the decryption key in return for payment or that you won’t be hit again by a tweaked variant requiring a different key (and more money). Australia is even considering a ban on ransom payments to hackers.
Image credit: Soumil Kumar, George Becker