Articles Free decryptor for Lorenz ransomware has appeared

Free decryptor for Lorenz ransomware has appeared


Dutch company Tesorion has released a free decryptor for data affected by Lorenz ransomware attacks. Now some files can be recovered for free, without paying the ransom.

Lorenz ransomware has been “operational” since April 2021 and attacks only corporate targets. During this time, the website of its operators published the data of twelve victims, whose information was stolen by hackers. According to cybersecurity researchers, the ransomware code is based on the code of the old ThunderCrypt and SZ40 malware families.

The decoder created by Tesorion can be downloaded from the NoMoreRansome website. Unlike other similar tools that usually work with the actual decryption key, this decryptor works differently and will only help you recover certain types of files. In particular, it is possible to decrypt files with well-known structure, including Office documents, PDF files, and some types of images and movies. Unfortunately, Tesorion will not cope with files of unknown types or with an unusual structure.

The researchers also published information on the encryption technique that Lorenz uses. The company’s blog says that an error was discovered in the hackers’ code that could lead to data loss and prevent files from being decrypted, even if the ransom was paid to the attackers.

“As a result of this error, for every file that is a multiple of 48 bytes, the last 48 bytes are lost. Even if you managed to get a decoder from the malware authors, these bytes can no longer be recovered, ”the experts explain.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat

Eleven vulnerabilities, combined under the name Urgent / 11,...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you