While the FBI has dealt a major blow to the ransomware group REvil, the team of experts at Avast has just released decryptors for the ransomware AtomSilo, LockFile and Babuk.
They are accessible free of charge and can be used by anyone who has fallen victim to this malware.
The Czech company, known for years for its cybersecurity work, explained that a single decryptor is used for AtomSilo and LockFile.
It is indeed able to work for both malware.
This is because they are very similar strains of ransomware.
The main difference between these two groups of malware would be the method of distribution, the attack strategies, and the servers used for ransom demands.
Avast explains that this decryptor was developed thanks to the research work of analyst Jiří Vinopal, who announced on Twitter that he had discovered a security flaw in the AtomSilo ransomware, which allowed him to recover files encrypted by it.
Imperfect
Avast warns, however, that its decryptor is not perfect and that some files may not be recoverable.
For example, files with proprietary formats are not recognized.
As for the Babuk ransomware, the decryptor could be created thanks to the source code which had been fully released by one of the members of the hacker group in September.
The recovery tool however only works for files that have encrypted with the extensions.
babuk,.
babyk or.
doydo.
The AtomSilo and LockFile decryptor can be downloaded here.
Babuk's decryptor can be accessed through this link.
High-Tech
Russian hacker group Nobelium attacking European organizations?
High-Tech
"Squid Game": Beware of malicious applications derived from the series
Anti-virus
Computer science
Personal data
Phishing
Computer virus
High-Tech
Cybersecurity