Threat Management, Malware, Threat Management

Arrogant ransomware author’s plans foiled by creator of the ransomware’s source code

An arrogant ransomware author's plans were foiled after the creator of the ransomware's source code stepped in to offer decryption keys to the victims.

“Police will never be able to find me” the extortionist said in the note to victims. “Go ahead and try them if you like, but don't expect your data back,” they added.

While the authorities have yet to find the culprit, victims are able to get their data back without paying.

The ransomware  infected nearly 700 victims but most were able to retrieve their data for free after security researcher Utku Sen – who developed the ransomware's open source code for educational purposes – used a backdoor he intentionally left in the code to access the decryption keys, according to Bleeping Computer.

Sen and another researcher by the alias “Demonslay335” retrieved all of the keys, converted them into the proper decryption keys, and posted them along with a decryptor in a Bleeping Computer forum.

Although Sen helped hundreds of victims, security researcher Graham Cluley said it's worth noting that the entire incident wouldn't have happened if Sen wouldn't have published the ransomware's source code in the first place.

Sen's source code was reportedly also used in a ransomware dubbed “Magic” that was used in a string of attacks earlier this year. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.