The Deadbolt ransomware gang has been lured to provide 155 decryption keys to the Dutch National Police in an operation done in collaboration with cybersecurity company Responders.NU, which involved fake ransomware payments, BleepingComputer reports.
Twenty thousand QNAP and Asustor network attached storage devices around the world have been encrypted by Deadbolt since January.
"The police paid, received the decryption keys, and then withdrew the payments. These keys allow files such as treasured photos or administration to be unlocked again, at no cost to victims," said the Dutch National Police in a statement.
Meanwhile, Responders.NU security expert Rickey Gevers said that the decryption keys were successfully obtained by canceling the transactions with Deadbolt prior to their inclusion to a block.
"So we made transactions with a minimum fee. And since we knew that the attacker would find out one moment, we had to smash and grab. The attacker found out within several minutes, but we were able to grab 155 keys. 90% of the victims who reported the deadbolt attack to the police. So most of them got the decryption key for free," said Gevers.
Vulnerabilities impacting cloud analytics and business intelligence software Qlik Sense have been exploited to facilitate the deployment of CACTUS ransomware in a new campaign, The Hacker News reports.
Staples cyberattack disrupts online orders BleepingComputer reports that outages at American office supply retail chain that disrupted online orders were confirmed to have been caused by a cyberattack.
Cyber Resilience in the Ransomware and Wiper Era New Strategies for CISOs to Protect
The changing face of ransomware, and how to respond
Unveiling the Hidden Threat: Hybrid Attackers Leveraging Identities to Execute Ransomware
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news