Bitdefender analysts recently released a free decryption tool for victims of the MegaCortex ransomware attack. It can be downloaded from the websites of both the cybersecurity company and the No More Ransom project. This key should work with all variants of MegaCortex.
“The tool has already been used to successfully recover data and we are optimistic that many more victims will be able to recover their encrypted data in the coming weeks,” says Bogdan Botezatu, director of research at Bitdefender.
This latest release comes on the heels of the decryption tool for the LockerGoga ransomware, made available in September 2022. Both tools were developed by Bitdefender and No More Ransom, in collaboration with Europol, the Zurich Public Prosecutor’s Office and the Zurich Cantonal Police.
They were created following the arrest in 2021 of 13 cybercriminals linked to the two ransomware strains in Switzerland and Ukraine. This international crackdown led to the Swiss authorities recovering numerous private keys linked to LockerGoga and MegaCortex in September 2022.
MegaCortex was a particularly vicious attack that hit several critical infrastructure facilities. “MegaCortex was operated by a complex team, some of whose members were specialised in identifying and exploiting known vulnerabilities in exposed infrastructure or in leveraging a pre-existing infection on the network, such as Emotet or QakBot,” Botezatu says.
No More Ransom is a joint project of the National High Tech Crime Unit of the Dutch Police, Europol, Kaspersky and McAfee, with support from the academic world. Its main objective is to provide victims with free ransomware decryptors. No More Ransom has reportedly helped 1.5 million victims recover their files.