Security News > 2023 > December > New Black Basta decryptor exploits ransomware flaw to recover files
Researchers have created a decryptor that exploits a flaw in Black Basta ransomware, allowing victims to recover their files for free.
The decryptor allows Black Basta victims from November 2022 to this month to potentially recover their files for free.
The 'Black Basta Buster' decryptor comes from Security Research Labs, which found a weakness in the encryption algorithm used by the ransomware gang's encryptors that allows for the discovery of the ChaCha keystream used to XOR encrypt a file.
The researchers at SRLabs have released a decryptor called Black Basta Buster that consists of a collection of python scripts that assist you in decrypting files under different scenarios.
BleepingComputer encrypted the files on a virtual machine with a Black Basta encryptor from April 2023 to test the decryptor.
While new Black Basta victims will no longer be able to recover their files for free, older victims may be more lucky if they were holding out for a decryptor.