MegaCortex ransomware victims can now escape with a free decryptor

Don’t pay ransomware attackers to decrypt your files

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Antiviruscompany Bitdefender has released a decryptor for the MegaCortexransomwarefamily which enables victims to restore their data for free.

The decryptor, developed in conjunction with Europol, the NoMoreRansom Project, the Zürich Public Prosecutor’s Office, and the Zürich Cantonal Police, is a standalone executable that does not need to be installed and can locate encrypted files on a system automatically.

There are a few criteria that Bitdefender sets out on itswebsite, noting, “Victims with data encrypted by versions 2 through 4 need the ransom note (e.g. “!!READ_ME!!!.TXT”, “!-!README!-!.RTF”, etc) present. MegaCortex V1 decryption (the encrypted files have the “.aes128ctr” extension appended) requires the presence of the ransom note and TSV log file (e.g. “fracxidg.tsv”) created by the ransomware.”

MegaCortex decryptor

MegaCortex was first uncovered in May 2019 by Sophos researchers, and while it has remained fairly dormant in recent times, it has been noted that the ransomware has primarily targeted corporations and businesses.

The tool also promises to back up encrypted files, in case the decryption process corrupts them to the point that they are no longer salvageable.

These are the best firewall tools around>Bitdefender wants to help protect your live chat>Hardware drivers approved by Microsoft used in ransomware attacks

The MegaCortex decryptor is the latest addition to the NoMoreRansom initiative, which provides decryption tools to victims of ransomware attacks for free. To date, the project has helped over 1.5 million victims retrieve their files without paying cyber criminals.

Security companies recommend that victims refrain from paying to regain access to their data, fearing that this could spur on further attacks. As ever, prevention is the best medicine, and installing relevant protection and applying security updates and patches remains highly regarded.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

New fanless cooling technology enhances energy efficiency for AI workloads by achieving a 90% reduction in cooling power consumption