Privacy Ninja

The Week in Ransomware – September 17th 2021 – REvil Decrypted

It has been an interesting week with decryptors released, ransomware gangs continuing to rail against negotiators, and the US government expected to sanction crypto exchanges next week.

This week’s biggest news is that soon after REvil returned from its two-month absence, Bitdefender released a master decryptor that allows victims encrypted by REvil before July 13th to recover their files for free.

While the decryptor still has a few bugs that lead to corrupted data in certain situations, our decryption tests show that it works against REvil samples as far back as May 2019.

The US government is expected to disrupt further ransomware attacks by sanctioning crypto exchanges, wallets, and traders that aid cybercriminals.

Ransomware gangs are also using phishing attacks with malicious Word documents that exploit the Windows MSHTML vulnerability tracked as CVE-2021-40444. When opened, the malicious documents install Cobalt Strike to provide network access to the attackers.

Finally, ransomware gangs continue to rail against negotiators in posts from both DoppelPaymer and the Grief ransomware operations, which are believed to be run by the same threat actors.

Contributors and those who provided new ransomware information and stories this week include: @demonslay335, @Seifreed, @DanielGallagher, @malwrhunterteam, @FourOctets, @malwareforme, @jorntvdw, @fwosar, @VK_Intel, @serghei, @PolarToffee, @BleepinComputer, @LawrenceAbrams, @struppigel, @Ionut_Ilascu, @RiskIQ, @sixdub, @Bitdefender, @zackwhittaker, @AdvIntel, @siri_urz, @martinmatishak, @pcrisk, @TheDFIRReport, and @PogoWasRight.
