Saturday, February 27, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Free decrypter released for Avaddon ransomware victims… aaand, it’s gone!

February 13, 2021
in Internet Security
Free decrypter released for Avaddon ransomware victims… aaand, it’s gone!
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Image: ZDNet

A Spanish student released a free decryption utility that can help victims of the Avaddon ransomware recover their files for free.

Published on GitHub by Javier Yuste, a student at the Rey Juan Carlos University in Madrid, the AvaddonDecrypter works only in cases where victims have not powered off their computers.

You might also like

Oxford University lab with COVID-19 research links targeted by hackers

Fastest VPN in 2021 | ZDNet

Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid

The tool works by dumping an infected system’s RAM and scouring the memory content for data that could be used to recover the ransomware’s original encryption key.

If enough information is recovered, the tool can then be used to decrypt files and help victims recover from Avaddon attacks without needing to pay the gang’s ransom demand.

Avaddon gang fixes their code

But while the tool’s release will most likely help past victims, it won’t be helping companies that fall victim to new Avaddon attacks.

This is because the tool’s release did not go unnoticed. In a forum post on Wednesday, the Avaddon gang said it also learned of Yuste’s decrypter and has already deployed updates to its code, effectively negating the tool’s capabilities.

avaddon-message.png

Image: ZDNet

The Avaddon team’s reaction mirrors how the Darkside ransomware crew also answered the release of a similar decrypter for their own strain last month, in January.

darkside-answer.png

Image: KELA

Infosec experts: Keep some ransomware decrypters private!

In the end, the release of both decryption utilities had a very limited impact. While a few victims were able to decrypt files, once the existence of the decryption tool was made public, the ransomware gangs analyzed how the tools worked and fixed their code within days.

The release of these two tools, along with a blog post from Dutch security firm Eye Control showing how victims could recover from attacks with the Data Doctor ransomware, has rekindled, once again, a years-long conversation in the cyber-security industry about how decryption utilities should be handled and released to victims.

Several prominent security researchers with a long history of helping ransomware victims since the mid-2010s have made their opinions known again over these past two months, highlighting the fact that decryption utilities that take advantage of ransomware encryption bugs should be kept private and distributed to victims via non-public channels rather than advertised online.

Furthermore, even if such tools need to be made public, there should not be any technical details that accompany the tool’s release, details that will obviously help the attackers patch their own code as well.

Good work, but it is nothing sensational… Actually, it would be much more helpful (or maybe even say, only would be helpful) if he not published this only says something like “if you got Avaddon ransomware, contact me immediately”.
😫
cc @demonslay335

— MalwareHunterTeam (@malwrhunterteam) February 9, 2021

Keep it in you pocket folks! You can help victims and hold that blog post till AFTER the TA patches..
win win!

— Bill Siegel (@billseagull) January 9, 2021

You could have just posted that you have a fix for this particular ransomware and ask people to reach out to you. Then reach out to initiatives like NoMoreRansom or communities like BleepingComputer to propagate the news. You know, like everyone else who is responsible.

— Fabian Wosar (@fwosar) January 9, 2021

On the other side, decryption utilities that are built around master decryption keys obtained from the attackers’ servers are OK to share online, as there’s little that ransomware authors can do about these tools.

All in all, seeing how the Avaddon and Darkside groups have reacted —by fixing their encryption schemes within days— it’s hard to argue against the arguments made online over the past two months, namely that some decryption tools should never make it into the public domain.


Credit: Zdnet

Previous Post

A Bird’s Eye-View On Use Of AI & ML In Airlines Industry

Next Post

Gradient Descent Models Are Kernel Machines (Deep Learning) « Machine Learning Times

Related Posts

Oxford University lab with COVID-19 research links targeted by hackers
Internet Security

Oxford University lab with COVID-19 research links targeted by hackers

February 27, 2021
Fastest VPN in 2021 | ZDNet
Internet Security

Fastest VPN in 2021 | ZDNet

February 27, 2021
Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid
Internet Security

Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid

February 27, 2021
Chrome will soon try HTTPS first when you type an incomplete URL
Internet Security

Chrome will soon try HTTPS first when you type an incomplete URL

February 27, 2021
Go malware is now common, having been adopted by both APTs and e-crime groups
Internet Security

Go malware is now common, having been adopted by both APTs and e-crime groups

February 27, 2021
Next Post
The ML Times Is Growing – A Letter from the New Editor in Chief – Machine Learning Times

Gradient Descent Models Are Kernel Machines (Deep Learning) « Machine Learning Times

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Oxford University lab with COVID-19 research links targeted by hackers
Internet Security

Oxford University lab with COVID-19 research links targeted by hackers

February 27, 2021
The Education Industrial Complex: The Hammer We Have
Data Science

The Education Industrial Complex: The Hammer We Have

February 27, 2021
New AI Machine Learning Reduces Mental Health Misdiagnosis
Machine Learning

New AI Machine Learning Reduces Mental Health Misdiagnosis

February 27, 2021
Fastest VPN in 2021 | ZDNet
Internet Security

Fastest VPN in 2021 | ZDNet

February 27, 2021
Increasing Adoption of Informatics will Promote Growth of Data Analytics Outsourcing Market
Data Science

Increasing Adoption of Informatics will Promote Growth of Data Analytics Outsourcing Market

February 27, 2021
MindMed Closes Acquisition of HealthMode, a Leading Machine Learning Digital Medicine Company
Machine Learning

MindMed Closes Acquisition of HealthMode, a Leading Machine Learning Digital Medicine Company

February 27, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Oxford University lab with COVID-19 research links targeted by hackers February 27, 2021
  • The Education Industrial Complex: The Hammer We Have February 27, 2021
  • New AI Machine Learning Reduces Mental Health Misdiagnosis February 27, 2021
  • Fastest VPN in 2021 | ZDNet February 27, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates