Cybercriminals use ransomware to lock files on their victims’ devices and demand payment in exchange for decrypting them.
Such attacks affect individuals and organizations, causing financial and operational difficulties.
In collaboration with Avast, Cisco Talos and the Dutch Police, a decryption tool developed against the latest version of Babuk ransomware has been updated.
This tool helps victims recover their encrypted data.
Babuk ransomware emerged in 2021, encrypting files on Windows systems and demanding ransom.
Avast has blocked Babuk’s attack attempts more than 5,600 times since its inception.
The attacks mainly targeted Brazil, the Czech Republic, India, the United States and Germany.
The updated decryptor has been designed specifically for the ‘Tortilla Babuk’ variant and provides relief to the victims.
The decryption was possible because it was consistent with the encryption method analyzed two years ago.
Using a single key throughout the campaign increases the effectiveness of the decryptor.
Avast’s decryption tool is available publicly and free of charge and helps victims of the Tortilla campaign marked with the ‘.
babyk’ file extension. Ransomware often leaves a ransom note titled “How To Restore Your Files.txt” on infected systems.