{"id":595343,"date":"2023-01-08T05:49:08","date_gmt":"2023-01-08T11:49:08","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/01\/08\/megacortex-ransomware-victims-can-now-unlock-their-files-for-free\/"},"modified":"2023-01-08T05:49:08","modified_gmt":"2023-01-08T11:49:08","slug":"megacortex-ransomware-victims-can-now-unlock-their-files-for-free","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/01\/08\/megacortex-ransomware-victims-can-now-unlock-their-files-for-free\/","title":{"rendered":"MegaCortex ransomware victims can now unlock their files for free"},"content":{"rendered":"<div>\n<p id=\"why-it-matters\"><strong>In brief:<\/strong> Cybersecurity firm Bitdefender has released a new tool to help MegaCortex ransomware victims unlock their files, which is great news for those that have had files locked down for years. <\/p>\n<p>MegaCortex surfaced in 2019 as a purpose-built ransomware targeting corporate networks that used domain controllers to spread. According to The Malware Wiki, MegaCortex encrypted user files with AES encryption. A read-me file accompanying infections indicated that the only way to restore access to locked data is with a private key that victims would need to purchase from the hackers.<\/p>\n<p>Fast-forward to October 2021 when authorities <a href=\"https:\/\/www.europol.europa.eu\/media-press\/newsroom\/news\/12-targeted-for-involvement-in-ransomware-attacks-against-critical-infrastructure\">arrested<\/a> a dozen individuals linked to more than 1,800 ransomware attacks across 71 countries. According to TechCrunch, police spent months combing through data collected during the arrests. They ultimately <a href=\"https:\/\/techcrunch.com\/2022\/09\/19\/lockergoga-ransomware-decryption\/\">found<\/a> individual decryption keys that were used to create and release a tool last September to unlock files impacted by the LockerGoga ransomware.<\/p>\n<p><picture><source type=\"image\/webp\" data-srcset=\"https:\/\/static.techspot.com\/images2\/news\/bigimage\/2023\/01\/2023-01-06-image-18-j_500.webp 500w, https:\/\/static.techspot.com\/images2\/news\/bigimage\/2023\/01\/2023-01-06-image-18-j_1100.webp 1100w, https:\/\/static.techspot.com\/images2\/news\/bigimage\/2023\/01\/2023-01-06-image-18-j.webp 2500w\" data-sizes=\"(max-width: 960px) 100vw, 680px\"><img loading=\"lazy\" decoding=\"async\" height=\"1667\" width=\"2500\" alt src=\"https:\/\/static.techspot.com\/images2\/news\/bigimage\/2023\/01\/2023-01-06-image-18.jpg\" srcset=\"https:\/\/static.techspot.com\/images2\/news\/bigimage\/2023\/01\/2023-01-06-image-18-j_500.webp 500w, https:\/\/static.techspot.com\/images2\/news\/bigimage\/2023\/01\/2023-01-06-image-18-j_1100.webp 1100w, https:\/\/static.techspot.com\/images2\/news\/bigimage\/2023\/01\/2023-01-06-image-18-j.webp 2500w\"  ><\/picture><\/p>\n<p>Additional keys discovered by law enforcement led to the development of this new tool for the MegaCortex ransomware.<\/p>\n<p>Interested parties can grab the <a href=\"https:\/\/www.bitdefender.com\/blog\/labs\/bitdefender-partnership-with-law-enforcement-yields-megacortex-decryptor\/\">MegaCortex unlocker<\/a> over on Bitdefender&#8217;s website. They have also published a step by step <a href=\"https:\/\/www.nomoreransom.org\/uploads\/UserManualMegaCortexDecryptor.pdf\">tutorial<\/a> on how to use it in both single-computer and network modes. Notably, if your files are encrypted with versions 2-4 of the ransomware, you will need to make sure the system contains a copy of the ransom note. If you were hit with V1, you will need the note and the TSV log file created by the ransomware to use the unlocking tool.<\/p>\n<p>Optionally, the tool is also available from <a href=\"https:\/\/www.nomoreransom.org\/en\/decryption-tools.html\">No More Ransom<\/a>. The site plays host to unlocking tools for more than 170 pieces of ransomware and variants including well-known examples like REvil and Ragnarok.<\/p>\n<p>Most security experts advise victims not to pay a ransom. Sending money only confirms that the ransomware works and there is no guarantee that you will get the decryption key in return for payment or that you won&#8217;t be hit again by a tweaked variant requiring a different key (and more money). Australia is even <a href=\"https:\/\/www.techspot.com\/news\/96669-australia-wants-criminalize-ransomware-payments.html\">considering a ban<\/a> on ransom payments to hackers.<\/p>\n<p>Image credit: <a href=\"https:\/\/www.pexels.com\/photo\/photo-of-person-typing-on-computer-keyboard-735911\/\">Soumil Kumar<\/a>, <a href=\"https:\/\/www.pexels.com\/photo\/close-up-of-keys-333837\/\">George Becker<\/a><\/p>\n<\/p><\/div>\n<p><a href=\"https:\/\/www.techspot.com\/news\/97195-bitdefender-releases-free-megacortex-ransomware-unlocker.html\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Dion Grisby<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In brief: Cybersecurity firm Bitdefender has released a new tool to help MegaCortex ransomware victims unlock their files, which is great news for those that have had files locked down for years. MegaCortex surfaced in 2019 as a purpose-built ransomware targeting corporate networks that used domain controllers to spread. According to The Malware Wiki, MegaCortex<\/p>\n","protected":false},"author":1,"featured_media":595344,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[117771,31358,46],"tags":[],"class_list":{"0":"post-595343","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-megacortex","8":"category-ransomware","9":"category-technology"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/595343","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=595343"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/595343\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/595344"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=595343"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=595343"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=595343"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}