Security News > 2024 > January > Decryptor for Babuk ransomware variant released after hacker arrested
Researchers from Cisco Talos working with the Dutch police obtained a decryption tool for the Tortilla variant of Babuk ransomware and shared intelligence that led to the arrest of the ransomware's operator.
Tortilla is a Babuk ransomware variant that emerged in the wild shortly after the source code of the original malware leaked on a hacker forum.
Avast released a decrypter for Babuk a month before the new variant appeared but it didn't work for Tortilla encryption because it used a different private key.
Today, Cisco Talos announced that, in cooperation with the Dutch police, it obtained a decryptor that the Tortilla ransomware operator provided to victims that paid the ransom.
Cisco Talos notes that Tortilla is not the only operation that used Babuk ransomware code to encrypt victims.
New Black Basta decryptor exploits ransomware flaw to recover files.
News URL
Related news
- Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware (source)
- Microsoft links Scattered Spider hackers to Qilin ransomware attacks (source)
- North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks (source)
- US offers $10M for tips on DPRK hacker linked to Maui ransomware attacks (source)
- U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals (source)
- Belarusian-Ukrainian Hacker Extradited to U.S. for Ransomware and Cybercrime Charges (source)