Victims of MegaCortex ransomware attacks can now decrypt their files without paying ransom to cybercriminals, thanks to a free decryption tool released in partnership between cybersecurity researchers and the police.
The MegaCortex ransomware decryptor was built by cybersecurity analysts at Bitdefender in collaboration with Europol, the No More Ransom Project, the Zürich Public Prosecutor’s Office, and the Zürich State Police.
The decryption tool, which will work with all variants of the MegaCortex ransomware, is now available for download from Bitdefender and passed No More Ransom decryption tool portal.
The MegaCortex Ransomware Has affected organizations around the world for several years, cybercriminals infiltrate computer networks, gain access, use that vulnerability to install and trigger file-encrypting malware attacks, and then demand ransom payments for decryption key. The ransom demanded often up to millions of dollars — requested in Bitcoin.
Also: Ransomware: Why it’s Still a Big Threat and Where the Gangs Go Next
Several MegaCortex ransomware attacks have been reported critical infrastructure and other high-profile goals — with attackers using a variety of methods to gain access to the network, including buying access to compromised systems with trojan malware or steal username and password.
“MegaCortex is operated by a complex team — several team members dedicated to identifying and exploiting known vulnerabilities in exposed infrastructure or by taking advantage of pre-existing infections on the network — such as emoticon or Qakbot“, Bogdan Botezatu, director of threat research and reporting at Bitdefender, told ZDNET.
“In some cases, stolen credentials were used to compromise domain controllers and then use other manual or automated components to deploy MegaCortex payloads across the organization” , he added.
Researchers say that, while MegaCortex no longer appears to be working, there are still victims of ransomware who have chosen not to pay the ransom, resulting in encrypted files since the attack. Now, they can take them.
“This tool has been used to successfully recover data, and we are optimistic that more and more victims will be able to decrypt their ransomed data in the coming weeks,” Botezatu said.
Also: Cybersecurity in space: Out-of-the-world challenges ahead
The MegaCortex decryptor is the latest ransomware decryption tool to be added to No More Ransom, an initiative of cybersecurity companies, law enforcement and academia to provide free decryption tools. code for ransomware victims. The project has Helped over 1.5 million victims of ransomware attacks retrieve their files without paying cyber criminals.
Although law enforcement agencies recommend that victims of ransomware attacks never pay the ransom, because it only encourages further ransomware attacks, many victims will choose to pay, seeing it as the easiest way to recover their networks. But even then, yes No guarantee that the decryptor will work properly, Or the ransomware attackers won’t come back and demand more money.
The best strategy to avoid disruption caused by ransomware is to avoid becoming a victim in the first place. Steps organizations can take to avoid this fate include apply security patches and updates as soon as they are released, so cybercriminals cannot exploit known vulnerabilities to gain network access.
Organizations should also ensure users The account is secured with multi-factor authenticationso if cybercriminals successfully steal usernames and passwords, they will struggle to access the system remotely no additional authentication layer.
MORE ABOUT NETWORK SECURITY
