Free decrypter unleashes Ragnarok ransomware on encrypted files

 To re-write it in a secure release and post it on the NoMoreRansom webpage, experts analyse the utility.

The Ragnarok (Asnarök) cyber ransomware organisation declared the completion of its activities and a free tool for the recovery of encrypted files.

On Thursday 26 August, on the Darknet Web Portal, there was a free decryptor with an embedded master key for decryption, where data from victims who refused to pay the ransom were previously published.

Several security scientists evaluated the decrypter and confirmed its legitimacy. You currently perform a detailed study of the tool in order to convert it into a secure, user-friendly version that is published on the NoMoreRansom portal of Europol.

In late 2019 - early 2020, cyber ransomware Ragnarok commenced business. With exploits, hackers have infiltrated and passed through to major servers and workstations in network and perimeter security systems.

The attackers additionally stolen files from an attacked network and threatened to post them on their portal on the darknet to boost their chances of the victim's payment if the money had not been transferred on time.

Typically, Citrix ADC gateways were assaulted by the gang. Moreover, it was she who has suffered a zero day vulnerability behind the unprecedented wave of attacks against Sophos XG firewalls. During the exploit, Sophos recognised the attacks and halted the deployment of ransomware by Ragnarok from installing a backdoor in Sophos XG firewalls around the world.

The Group modified its website design, remove the information from majority of its past victims and then even re-named Ragnarok's Daytona a month before exiting the cybercriminal field.

The third outfit to produce a decrypter for recovery of files this summer is Ragnarok. Thus, the Avaddon group published the decryption key in June and SynAck earlier in this month.