Bitdefender, an antivirus company, has made it easy for MegaCortex ransomware victims to recover their data.
Bitdefender experts and Bitdefender analysts combined their efforts to create the decryptor.
The decryptor is simple to use: it is a standalone executable that needs no installation, and it automatically locates any encrypted files.
Decryptor’s welcome screen (BleepingComputer)
The decryptor can also back up encrypted files as a safety measure, in case the decryption process goes wrong and corrupts the files beyond repair.
Decryptor’s options (BleepingComputer)
The new decryptor also offers advanced settings that let those who have previously attempted to decrypt their files restore them.
Bitdefender’s MegaCortex decryptor can be downloaded from the page.
MegaCortex’s Rise and Fall
MegaCortex ransomware was first discovered by Sophos researchers. They observed that it targeted corporate networks, and also found QBot, Emotet and Cobalt Strike.
Samples taken in July 2019 showed that MegaCortex operators launched more targeted attacks and adjusted ransom demands based on the victim’s size. They also used particularly threatening language.
MegaCortex operators began using double extortion techniques in . They threatened victims with publication of their personal data if they didn’t comply.
The Dutch National Cyber Security Centre had placed the MegaCortex ransomware operation in the cybercrime underground by the end.
The organisations about MegaCortex in December 2019. It described the methods of MegaCortex and offered defense tips as well as mitigation suggestions.
MegaCortex activity slowed down in 2020, and few people were affected.
Europol 12 people responsible for ransomware attacks totalling 1,800 across 71 countries. Many of these were using the LockerGoga and MegaCortex strains.
After the discovery of private keys in the attacks, Bitdefender released a free LockerGoga ransomware decryptor.
“This analysis showed that ransomware attackers had a lot of private keys. The keys allow institutions and companies to recover data that was encrypted using the ‘LockerGoga’ or ‘MegaCortex’ ransomware attacks,” stated the Zurich Public Prosecutor’s Office in a coordinated .
Bitdefender does not disclose how it obtained MegaCortex’s private keys, but it is likely to have used the master keys that were found in Zurich.