Researchers from Avast have discovered a flaw in the cryptographic schema of the DoNex ransomware and its predecessors. In cooperation with law enforcement organizations, we have been silently providing the decryptor to DoNex ransomware victims since March 2024. The cryptographic weakness was...
HomuWitch is a ransomware strain that initially emerged in July 2023. Unlike the majority of current ransomware strains, HomuWitch targets end-users - individuals - rather than institutions and companies.
The team at Avast has developed a decryptor for the Rhysida ransomware and released it for public download. The Rhysida ransomware has been active since May 2023. As of Feb 2024, their TOR site lists 78 attacked companies, including IT (Information Technology) sector, healthcare, universities, and...
In cooperation with Cisco Talos and Dutch Police, Avast is releasing an updated version of the Avast Babuk decryption tool, capable of restoring files encrypted by the Babuk variant called Tortilla.
Technical analysis of Rhysida Ransomware family that emerged in the Q2 of 2023
Researchers for Avast have developed a decryptor for the Akira ransomware and released it for public download. The Akira ransomware appeared in March 2023 and since then, the gang claims successful attacks on various organizations in the education, finance and real estate industries, amongst others.
The team at Avast has developed a decryptor for the BianLian ransomware and released it for public download. The BianLian ransomware emerged in August 2022, performing targeted attacks in various industries, such as the media and entertainment, manufacturing and healthcare sectors, and raised the...
Avast releases a MafiaWare666 ransomware decryption tool. MafiaWare666 is also known as JCrypt, RIP Lmao, BrutusptCrypt or Hades. Victims of this ransomware can now recover their data without paying the ransom.
The TaRRaK ransomware appeared in June of 2021. This ransomware contains many coding errors, so we decided to publish a small blog about them. Samples of this ransomware were spotted in our user base, so we also created a decryptor for this ransomware. Skip to instructions on how to use the TaRRaK...
Avast Releases Decryptor for the Prometheus Ransomware. Prometheus is a ransomware strain written in C# that inherited a lot of code from an older strain called Thanos. Skip to how to use the Prometheus ransomware decryptor. How Prometheus Works Prometheus tries to thwart malware analysis by...