New Update Free Ransomware Decryption Tools by Avast

[Ink]

Our free ransomware decryption tools can help decrypt files encrypted by the following forms of ransomware. Just click a name to see the signs of infection and get our free fix.

We are committed to fighting back against ransomware and one of the ways we are doing so is by providing free decryption tools to ransomware victims.

Free Ransomware Decryption Tools | Unlock Your Files | Avast

www.avast.com

Source: Avast Releases Three New Decryption Tools to Fight Ransomware

 

[vemn]

Anyone tried yet?

 

[Gandalf_The_Grey]

Decrypted: TaRRaK Ransomware

The TaRRaK ransomware appeared in June of 2021. This ransomware contains many coding errors, so we decided to publish a small blog about them. Samples of this ransomware were spotted in our user base, so we also created a decryptor for this ransomware.

Decrypted: TaRRaK Ransomware - Avast Threat Labs

The TaRRaK ransomware appeared in June of 2021. This ransomware contains many coding errors, so we decided to publish a small blog about them. Samples of this ransomware were spotted in our user base, so we also created a decryptor for this ransomware. Skip to instructions on how to use the...

decoded.avast.io

 

[Gandalf_The_Grey]

Decrypted: MafiaWare666 Ransomware

Avast releases a MafiaWare666 ransomware decryption tool. MafiaWare666 is also known as JCrypt, RIP Lmao, BrutusptCrypt or Hades.

MafiaWare666 is a ransomware strain written in C# which doesn’t contain any obfuscation or anti-analysis techniques. It encrypts files using the AES encryption. We discovered a vulnerability in the encryption schema that allows some of the variants to be decrypted without paying the ransom. New or previously unknown samples may encrypt files differently, so they may not be decryptable without further analysis.

Decrypted: MafiaWare666 Ransomware - Avast Threat Labs

Avast releases a MafiaWare666 ransomware decryption tool. MafiaWare666 is also known as JCrypt, RIP Lmao, BrutusptCrypt or Hades. Victims of this ransomware can now recover their data without paying the ransom.

decoded.avast.io

 

[Gandalf_The_Grey]

Avast releases free BianLian ransomware decryptor

Security software company Avast has released a free decryptor for the BianLian ransomware strain to help victims of the malware recover locked files without paying the hackers.

The availability of a decryptor comes only about half a year after increased activity from BianLian ransomware over the summer of 2022, when the threat group breached multiple high-profile organizations.

Avast's decryption tool can only help victims attacked by a know variant of the BianLian ransomware.

If the hackers are using a new version of the malware that researchers have yet to catch, the tool is of no help at the moment.

However, Avast says the BianLian decryptor is a work in progress, and the ability to unlock more strains will be added shortly.

Avast releases free BianLian ransomware decryptor

Security software company Avast has released a free decryptor for the BianLian ransomware strain to help victims of the malware recover locked files without paying the hackers.

www.bleepingcomputer.com

Decrypted: BianLian Ransomware - Avast Threat Labs

The team at Avast has developed a decryptor for the BianLian ransomware and released it for public download. The BianLian ransomware emerged in August 2022, performing targeted attacks in various industries, such as the media and entertainment, manufacturing and healthcare sectors, and raised...

decoded.avast.io

 

[Gandalf_The_Grey]

Decrypted: Akira Ransomware

Researchers for Avast have developed a decryptor for the Akira ransomware and released it for public download. The Akira ransomware appeared in March 2023 and since then, the gang claims successful attacks on various organizations in the education, finance and real estate industries, amongst others.

Note that this ransomware is not related to the Akira ransomware discovered by Karsten Hahn in 2017 and our decryptor cannot be used to decrypt files from this old variant.

The Akira ransomware comes as a 64-bit Windows binary written for Windows operating system. It is written in C++ with heavy support from C++ libraries. Additionally, Boost library was used to implement the asynchronous encryption code. The binary is linked by Microsoft Linker version 14.35.

In June 2023, a security researcher rivitna published a sample that is compiled for Linux. The Linux version is 64-bit and uses the Boost library.

Decrypted: Akira Ransomware - Avast Threat Labs

Researchers for Avast have developed a decryptor for the Akira ransomware and released it for public download. The Akira ransomware appeared in March 2023 and since then, the gang claims successful attacks on various organizations in the education, finance and real estate industries, amongst others.

decoded.avast.io

How to use the Avast decryption tool to decrypt files encrypted by the ransomware:

Decrypted: Akira Ransomware - Avast Threat Labs

Researchers for Avast have developed a decryptor for the Akira ransomware and released it for public download. The Akira ransomware appeared in March 2023 and since then, the gang claims successful attacks on various organizations in the education, finance and real estate industries, amongst others.

decoded.avast.io