Lorenz Ransomware Decryptor Recovers Victims’ Files For Free


Dutch cybersecurity firm Tesorion has released a free decryptor for the Lorenz ransomware, allowing victims to recover some of their files for free without paying a ransom.

Lorenz is a human-operated ransomware that began operating in April 2021 and has since listed twelve victims, whose data it has stolen and leaked, on its data leak site.

Lorenz ransomware data leak site

Lorenz is not particularly active and has begun to taper off in recent months compared to other operations.

Lorenz ransomware decryptor released

The Lorenz ransomware decryption tool can be downloaded from NoMoreRansom and will allow victims to recover some of their encrypted files.


Unlike other ransomware decryptors that include the actual decryption key, Tesorion’s decryptor operates differently and can only decrypt certain file types.

Tesorion researcher Gijs Rijnders told BleepingComputer that only files with well-known file structures could be decrypted, such as Office documents, PDF files, some image types, and movie files.

While the decryptor will not decrypt every file type, it will still allow those who do not pay the ransom to recover important files.

As you can see below, the decryptor can decrypt well-known file types, such as XLS and XLSX files, without a problem. However, it will not decrypt unknown file types or those with uncommon file structures.

Lorenz ransomware decryptor

In addition to providing a decryptor, Tesorion provided insight into the encryption technique used by the Lorenz ransomware.

In a blog post, Rijnders explains that a bug in how the Lorenz operators implement their encryption can cause data to be lost, which would prevent a file from being decrypted even if a ransom was paid.


“The result of this bug is that for every file whose size is a multiple of 48 bytes, the last 48 bytes are lost. Even if you managed to obtain a decryptor from the malware authors, these bytes cannot be recovered,” explains Rijnders.
