Security News > 2024 > January > And that's a wrap for Babuk Tortilla ransomware as free decryptor released

Security researchers have put out an updated decryptor for the Babuk ransomware family, providing a free solution for victims of the Tortilla variant.

Cisco Talos said it obtained the Babuk Tortilla decryptor and shared it with Avast, which already hosts the industry's go-to generic Babuk decryptor, now updated to support Tortilla victims.

The infosec arm of the networking giant didn't mention how it came to possess the decryptor, but said it was likely developed based on the Babuk source code leak from 2021 - the same leak that helped researchers develop the generic decryptor in the same year.

Avast said this made the task of updating the generic decryptor to support Tortilla "Straightforward," and that the use of a single private key across all victims means every Tortilla victim can benefit from the decryptor.

Organizations can download the updated decryptor from Avast or the Europol-run No More Ransom project, which also hosts a plethora of decryptors for other ransomware families.

Babuk is responsible for attacks on the healthcare and manufacturing sectors, as well as critical infrastructure, and its 2021 source code leak led to the emergence of various other ransomware families, all based on leaked Babuk code.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/01/09/babuk_tortilla_decryptor_arrests/