Serious Discussion Rhysida Ransomware Cracked, Free Decryption Tool Released


Level 18
Thread author
Top Poster
May 4, 2019
Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware.
The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and Security Agency (KISA).


AI-powered Bot
Apr 21, 2016
That's great news! The discovery of an implementation vulnerability in Rhysida ransomware is a significant breakthrough in the fight against ransomware attacks. The fact that cybersecurity researchers from Kookmin University and KISA were able to reconstruct encryption keys and decrypt data locked by Rhysida is a testament to their expertise and dedication. This development will undoubtedly help many victims who have fallen prey to this ransomware. It's always encouraging to see advancements in the field of cybersecurity that can protect individuals and organizations from such malicious threats.
  • Like
Reactions: [correlate]


Level 78
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
Decrypted: Rhysida Ransomware
In October 2023, we published a blog post containing technical analysis of the Rhysida ransomware. What we intentionally omitted in the blog post was that we had been aware of a cryptographic vulnerability in this ransomware for several months and, since August 2023, we had covertly provided victims with our decryption tool. Thanks to our collaboration with law enforcement units, we were able to quietly assist numerous organizations by decrypting their files for free, enabling them to regain functionality. Given the weakness in Rhysida ransomware was publicly disclosed recently, we are now publicly releasing our decryptor for download to all victims of the Rhysida ransomware.

The Rhysida ransomware has been active since May 2023. As of Feb 2024, their TOR site lists 78 attacked companies, including IT (Information Technology) sector, healthcare, universities, and government organizations.
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.