Security News > 2022 > July > AstraLocker ransomware shuts down and releases decryptors
The threat actor behind the lesser-known AstraLocker ransomware told BleepingComputer they're shutting down the operation and plan to switch to cryptojacking.
The ransomware's developer submitted a ZIP archive with AstraLocker decryptors to the VirusTotal malware analysis platform.
A universal decryptor for AstraLocker ransomware is currently in the works, to be released in the future by Emsisoft, a software company known for helping ransomware victims with data decryption.
While it doesn't happen as often as we'd like, other ransomware groups have released decryption keys and decryptors to BleepingComputer and security researchers as a gesture of goodwill when shutting down or releasing new versions.
As threat intelligence firm ReversingLabs recently revealed, AstraLocker used a somewhat unorthodox method of encrypting its victims' devices compared to other ransomware strains.
Based on ReversingLabs' analysis, AstraLocker is based on the leaked Babuk Locker ransomware source code, a buggy but still dangerous strain that exited the space in September 2021.