Victims of the MegaCortex ransomware can now recover their encrypted files for free, thanks to the release of a new file decryptor.
The free decryptor was built by cybersecurity firm Bitdefender and the EU’s No More Ransom initiative in cooperation with the Zürich Cantonal Police, the Zürich Public Prosecutor’s Office and Europol, which in September announced that 12 individuals had been arrested in connection with the Dharma, LockerGoga and MegaCortex ransomware families.
At the time, a statement from Zürich’s prosecutor revealed that the arrests allowed investigators to recover multiple private keys used by the ransomware gang that could allow victims to recover data that was previously encrypted with the LockerGaga or MegaCortex malware. BitDefender released a decryptor for LockerGoga last year.
Now, the cybersecurity company announced this week that a free MegaCortex decryptor is now available.
The tool, which should work to unlock files encrypted by all variants of MegaCortex ransomware, is available to download from Bitdefender and via No More Ransom’s decryption tools portal, which is home to 136 free tools for 165 ransomware variants, including Babuk, DarkSide, Gandcrab and REvil.
Bitdefender told TechCrunch that MegaCortex is estimated to have infected in excess of 1,800 companies around the world, including a number of “high-profile” targets, though the figure is likely to be far higher. The cybersecurity company said its Sodinokibi decryptor, which it released in September 2021, helped victims save over $800 million in unpaid ransoms, and it expects similar from the MegaCortex tool.
MegaCortex was first seen in May 2019 when it began targeting networks that have already been infected with malware, such as Emotet and Qakbot, which is often used to steal data but also deliver ransomware payloads.
Later that year, MegaCortex operators became among the first to engage in double extortion tactics, where they exfiltrate a victim’s sensitive data and encrypt it. The ransomware actors then threaten to release the stolen data unless a ransom demand was paid, which are said to have ranged from approximately $20,000 to as much as $5.8 million.
https://techcrunch.com/
Reddit has confirmed hackers accessed internal documents and source code following a “highly-targeted” phishing attack. A post by Reddit CTO Christopher Slowe, or KeyserSosa, explained that on February 5 the company became aware of the “sophisticated” attack targeting Reddit employees. He says that an as-yet-unidentified attacker sent “plausible-sounding prompts,” which redirected employees to a website masquerading as Reddit’s […]
as we all know, humans are often the weakest part of the security chain.” Those are the words of Reddit CTO Christopher Slowe, who was quick to play the blame game in a post announcing that Reddit experienced a breach of internal data last week. He explained that the platform was compromised after an attacker sent “plausible-sounding prompts” to employees […]
In the past decade, Apple has positioned itself as a privacy-first company. It has butted heads with law enforcement for encrypting people’s phones, messages, and FaceTime calls, and battled Facebook over its creepy ad-tracking practices. But Apple’s business model is also shifting. For years, Cupertino has made its money by selling expensive hardware—iPhones, iPads, and Macs. However, […]
Leave a Reply