"Decryption Keys Released for Maze, Sekhmet, and Egregor Ransomware Strains"
Master decryption keys have been released for the Maze, Sekhmet, and Egregor ransomware strains. The alleged malware developer released the master ransomware keys for these three strains on the Bleeping Computer forums. The security firm, Emsisoft, has verified that the master decryption keys work and released a free decryptor. According to Bleeping Computer, in order to use the decryptor, the victim must have a ransom note for the infection that includes an encrypted decryption key for Emsisoft's tool to decrypt. The master keys were released by someone seemingly tied to the groups, meaning that any organization whose files were locked using any of those strains of crypto-locking malware can now decrypt their files for free. Brett Callow, a threat analyst at Emsisoft, says that companies commonly archive any encrypted data that they could not recover, expecting that a decryptor will eventually become available. If victims still have the original encrypted files on a disk, they can now recover their data. Although this may not make a significant difference regarding business continuity, it could help victims get their critical historical records back for tax purposes, insurance purposes, and more. While the release of master decryption keys for all three strains helps victims recover important data, the keys do not repair the considerable damage and disruption associated with the ransomware strains. The Maze and Egregor ransomware strains were among the most observed ransomware infections with the greatest ransom demands. For example, the threat actors behind Maze ransomware regularly demanded $1 million to $2 million worth in ransoms. In 2020, Maze and Conti were the most commonly seen strains of ransomware used in attacks against healthcare sector organizations. In addition, the actors behind the ransomware strains have introduced innovative new business practices such as the double-extortion tactic in which threats are made to release the data unless a victim paid the demanded ransom. This article continues to discuss the release of decryption keys for Maze, Sekhmet, and Egregor victims, as well as the history, impact, and constant innovation of the three ransomware strains.