Security News > 2024 > January > Decryptor for Babuk ransomware variant released after hacker arrested

Decryptor for Babuk ransomware variant released after hacker arrested
2024-01-09 16:46

Researchers from Cisco Talos working with the Dutch police obtained a decryption tool for the Tortilla variant of Babuk ransomware and shared intelligence that led to the arrest of the ransomware's operator.

Tortilla is a Babuk ransomware variant that emerged in the wild shortly after the source code of the original malware leaked on a hacker forum.

Avast released a decrypter for Babuk a month before the new variant appeared but it didn't work for Tortilla encryption because it used a different private key.

Today, Cisco Talos announced that, in cooperation with the Dutch police, it obtained a decryptor that the Tortilla ransomware operator provided to victims that paid the ransom.

Cisco Talos notes that Tortilla is not the only operation that used Babuk ransomware code to encrypt victims.

New Black Basta decryptor exploits ransomware flaw to recover files.


News URL

https://www.bleepingcomputer.com/news/security/decryptor-for-babuk-ransomware-variant-released-after-hacker-arrested/