The team at Malwarebytes has identified a weakness in the encryption scheme utilized by the LockCrypt ransomware that they can exploit to recover a victim's data.
The flaw —explained in a Malwarebytes report
here— resides in the fact that the LockCrypt crew decided to roll out a custom encryption scheme instead of using proven systems.
Researchers' efforts were also aided after discovering a LockCrypt sample that was not obfuscated or crypted, allowing investigators access to the ransomware's internal structure in great detail.
With the new info that researchers gathered, they were now able to provide help to victims who got infected by this threat.
The Necessity of Simulating the Full Malware Infection Chain for Security Suite Testing
Google ads push BumbleBee malware used by ransomware gangs