Victims of the MegaCortex ransomware can now recover their encrypted files for free, thanks to the release of a new file decryptor.
The free decryptor was built by cybersecurity firm Bitdefender and the EU’s No More Ransom initiative in cooperation with the Zürich Cantonal Police, the Zürich Public Prosecutor’s Office and Europol, which in September announced that 12 individuals had been arrested in connection with the Dharma, LockerGoga and MegaCortex ransomware families.
At the time, a statement from Zürich’s prosecutor revealed that the arrests allowed investigators to recover multiple private keys used by the ransomware gang that could allow victims to recover data that was previously encrypted with the LockerGaga or MegaCortex malware. BitDefender released a decryptor for LockerGoga last year.
Now, the cybersecurity company announced this week that a free MegaCortex decryptor is now available.
The tool, which should work to unlock files encrypted by all variants of MegaCortex ransomware, is available to download from Bitdefender and via No More Ransom’s decryption tools portal, which is home to 136 free tools for 165 ransomware variants, including Babuk, DarkSide, Gandcrab and REvil.
Bitdefender told TechCrunch that MegaCortex is estimated to have infected in excess of 1,800 companies around the world, including a number of “high-profile” targets, though the figure is likely to be far higher. The cybersecurity company said its Sodinokibi decryptor, which it released in September 2021, helped victims save over $800 million in unpaid ransoms, and it expects similar from the MegaCortex tool.
MegaCortex was first seen in May 2019 when it began targeting networks that have already been infected with malware, such as Emotet and Qakbot, which is often used to steal data but also deliver ransomware payloads.
Later that year, MegaCortex operators became among the first to engage in double extortion tactics, where they exfiltrate a victim’s sensitive data and encrypt it. The ransomware actors then threaten to release the stolen data unless a ransom demand was paid, which are said to have ranged from approximately $20,000 to as much as $5.8 million.
https://techcrunch.com/
Digital twins — virtual representations of actual systems — have become an important component in how engineers and analysts build, visualize and operate AI projects, network security and other complicated architectures that might have a number of components working (or malfunctioning as the case may be) in tandem. Today, a startup called Forward Networks — which has […]
U.S. nonprofit healthcare giant Maternal & Family Health Services has confirmed hackers accessed sensitive patient, financial and medical information months earlier. In an advisory published on its website on Thursday, MFHS said a “sophisticated ransomware incident” exposed the sensitive information of current and former patients, employees and vendors. This information included names, addresses, dates of birth, Social Security numbers, […]
The infrastructure behind Hive, one of the most prolific ransomware operations, has been seized by law enforcement agencies in the United States and Europe. Hive saw its dark web portal seized as part of a coordinated law enforcement action carried out by the U.S. Department of Justice, the FBI, Secret Service and several European government agencies, […]
Leave a Reply