Security firm Bitdefender released a tool that allows victims of the Darkside ransomware to recover their files without paying the ransom.

Good news for the victims of the Darkside ransomware, they could recover their files for free using a tool that was released by the security firm Bitdefender. The decrypter seems to work for all recent versions of the Darkside ransomware.

Darkside ransomware first appeared in the threat landscape in August 2020, its operators were distributing it using a ransomware-as-a-service business model.

2020-08-21: #DarkSide #Ransomware | Made for Targeted Intrusions with Preset Exfiltration |Page from #REvil MessageCurious TeamViewer.exe & VM Process AvoidancePossible Attack/Persistence Vector Clueh/t @demonslay335 | @malwrhunterteam https://t.co/MCIYmOu7fY pic.twitter.com/KZcIcJJAnp— Vitali Kremez (@VK_Intel) August 21, 2020
Quick analysis notes for #DarkSide #Ransomware: https://t.co/8rIpXDrUOuSalsa20 + RSA-1024 encryptionCustom Salsa20 matrix built using RtlRandomExCustom checksum algorithm for ID, Mutex, and key verification— Michael Gillespie (@demonslay335) August 12, 2020Like other ransomware gangs, Darkside ransomware operators threaten to leak files stolen from the victims if they don’t pay the ransom.

The group is still active but has yet to publish data of its victims on its leak site.

What will the gang do in the next weeks?

The ransomware author have to review their operations and improve their file encryption process to make the free decryption inefficient.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)

The post Bitdefender releases free decrypter for Darkside ransomware appeared first on Security Affairs.