Avaddon ransomware fixes flaw allowing free decryption
The Avaddon ransomware gang has fixed a bug that let victims recover their files without paying the ransom.
On Tuesday, Javier Yuste, a Ph.D. student at Rey Juan Carlos University, published a decryptor for the Avaddon ransomware on his GitHub page and released a report describing the flaw on arXiv.
According to Yuste's research, when the Avaddon ransomware encrypts a device, it creates a unique AES-256 session key that is used to encrypt and decrypt the files.
As first reported by ZDNet, one day after the decryptor was released, the Avaddon ransomware developer posted to a hacker forum that they had fixed the flaw.
To compensate the operation's affiliates whose victims may have received free decryption, the ransomware developer increased affiliates' revenue share to 80%. The normal revenue share for Avaddon affiliates is 65-75%, depending on how many victims they generate.
One threat actor went as far as creating a ransomware called 'Fabiansomware' after the ransomware expert Fabian Wosar.