"Decryptor for Babuk Ransomware Variant Released After Hacker Arrested"

Cisco Talos researchers collaborated with Dutch police to obtain a decryption tool for the Tortilla variant of Babuk ransomware and shared intelligence that resulted in the arrest of the ransomware's operator. Tortilla is a Babuk ransomware variant that appeared in the wild shortly after the original malware's source code was leaked on a hacker forum. The threat actor used ProxyShell exploits on Microsoft Exchange servers to deploy the data-encrypting malware. Avast released a Babuk decryptor a month before the new variant, but that decryptor did not work for Tortilla encryption because Tortilla used a different private key. This article continues to discuss the release of a decryptor for the Babuk ransomware variant.

Bleeping Computer reports "Decryptor for Babuk Ransomware Variant Released After Hacker Arrested"

Submitted by grigby1
