Victims of the MegaCortex ransomware can now recover their encrypted files for free, thanks to the release of a new file decryptor.
The free decryptor was built by cybersecurity firm Bitdefender and the EU’s No More Ransom initiative in cooperation with the Zürich Cantonal Police, the Zürich Public Prosecutor’s Office and Europol, which in September announced that 12 individuals had been arrested in connection with the Dharma, LockerGoga and MegaCortex ransomware families.
At the time, a statement from Zürich’s prosecutor revealed that the arrests allowed investigators to recover multiple private keys used by the ransomware gang that could allow victims to recover data that was previously encrypted with the LockerGaga or MegaCortex malware. BitDefender released a decryptor for LockerGoga last year.
Now, the cybersecurity company announced this week that a free MegaCortex decryptor is now available.
The tool, which should work to unlock files encrypted by all variants of MegaCortex ransomware, is available to download from Bitdefender and via No More Ransom’s decryption tools portal, which is home to 136 free tools for 165 ransomware variants, including Babuk, DarkSide, Gandcrab and REvil.
Bitdefender told TechCrunch that MegaCortex is estimated to have infected in excess of 1,800 companies around the world, including a number of “high-profile” targets, though the figure is likely to be far higher. The cybersecurity company said its Sodinokibi decryptor, which it released in September 2021, helped victims save over $800 million in unpaid ransoms, and it expects similar from the MegaCortex tool.
MegaCortex was first seen in May 2019 when it began targeting networks that have already been infected with malware, such as Emotet and Qakbot, which is often used to steal data but also deliver ransomware payloads.
Later that year, MegaCortex operators became among the first to engage in double extortion tactics, where they exfiltrate a victim’s sensitive data and encrypt it. The ransomware actors then threaten to release the stolen data unless a ransom demand was paid, which are said to have ranged from approximately $20,000 to as much as $5.8 million.
https://techcrunch.com/
In a financial filing on Thursday, T-Mobile revealed that a hacker accessed a trove of personal data belonging to 37 million customers. The telecom giant said that the “bad actor” started stealing the data, which includes “name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of […]
WhatsApp is rolling out a picture-in-picture feature for its iOS app with its latest update. This allows users to access WhatsApp or other apps without shutting out the video feed on the call. The company rolled out this feature with the 23.3.77 version of its iOS app. Until now, if you switched to another app […]
Every developer knows that it’s a bad idea to hardcode security credentials into source code. Yet it happens and when it does, the consequences can be dire. Until now, GitHub only made its secret scanning service available to paying enterprise users who paid for GitHub Advanced Security, but starting today, the Microsoft-owned company is making […]
Leave a Reply