[TheRecord] Free decrypters released for AtomSilo, Babuk, and LockFile ransomware strains

Antivirus maker and cyber-security firm Avast has released today free decryption utilities to recover files that have been encrypted by three ransomware strains—AtomSilo, Babuk, and LockFile.

The AtomSilo and LockFile decrypters are being offered as one single download because of the similarities between the two ransomware strains.

“Both the AtomSilo and LockFile ransomware strains are very similar to each other and except for minor differences, this description covers both of them,” Avast said in a blog post today.

Image: Avast

Avast said they were able to break the ransomware’s encryption scheme and create the decrypter using information shared by Jiří Vinopal, a security researcher at RE-CERT, who posted on Twitter earlier this month that he found a way to crack AtomSilo’s encryption and had already created a proof-of-concept decrypter.

Something big -> I just cracked #AtomSilo – one of the Latest Ransomware Family – More information soon. Stay Tuned. (cde07f39b45b883c861f4d4d0c6afb80)
For more information (Only for trusted Security accounts) DM me.🙏
Please help me to reach more People who could be affected!!!

— Jiří Vinopal (@vinopaljiri) October 17, 2021

On the other hand, the Babuk decrypter is being offered separately.

Avast said they created the decrypter using the source code of the original Babuk ransomware, which was shared on a Russian-speaking cybercrime forum at the start of September.

One of the developers for Babuk ransomware group, a 17 year old person from Russia, has been diagnosed with Stage-4 Lung Cancer. He has decided to leaked the ENTIRE Babuk source code for Windows, ESXI, NAS.

You can download the Babuk source here: vx-underground[.]org/tmp/

— vx-underground (@vxunderground) September 3, 2021

In a tweet today, Avast said the source code contained decryption keys for past victims.

However, the decrypter will only work for past Babuk victims that had files encrypted with either the .babuk or .babyk file extensions only.

Image: Avast

The post Free decrypters released for AtomSilo, Babuk, and LockFile ransomware strains appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] The Impact of the Pandemic on Today’s Approach to Cybersecurity

All posts, Security Week

Security practitioners must figure out how to enable a secure and resilient anywhere workforce to reduce risk read more Source: Read More (SecurityWeek RSS Feed)

Read More

[SecurityWeek] Siemens Addresses 60 Vulnerabilities Introduced by Third-Party Components

All posts, Security Week

Siemens’ May 2021 Patch Tuesday advisories address roughly 60 vulnerabilities introduced by the use of third-party components. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Daily NCSC-FI news followup 2020-09-16

Tietovuoto: Kiinalaisyrityksen urkintalistalla on 799 suomalaista, joukossa poliitikkoja ja heidän lähipiiriään Katso, miten suomalaiset on jaoteltu yle.fi/uutiset/3-11544521 Poikkeuksellinen tietovuoto kertoo, millaiset suomalaiset vaikuttajat kiinnostavat Kiinaa. Pitkään kestävä syysmyrsky huolettaa sähköyhtiöitä “Valmiudessa on moninkertainen määrä työntekijöitä” yle.fi/uutiset/3-11547019 Keski-Pohjanmaalla toimivat sähköyhtiöt ovat nostaneet selvästi varautumistaan voimakkaan ja poikkeuksellisen pitkäkestoisen syysmyrskyn varalle. Yhä useampi on huolissaan lähipiiriinsä kohdistuvista […]

Read More