Shade Ransomware stopped working, apologized to the victims, and released 750,000 decryption keys
If you are interested in the field of security - bring security, surely you are no stranger to the name Shade Ransomware (Troldesh). This extortion malware can be considered one of the worst 'nightmares' that have clung to the security world for many years. However, the people behind the operation of Shadow Ransomware have officially issued a statement of decommissioning, issued more than 750,000 decryption keys, and made a public apology for the damage they have caused to the victims. multiply.
Shade Ransomware was first discovered around 2014. Unlike other popular ransomware strains, this ransomware mainly targets people in Russia, Ukraine, as well as many other CIS countries.
The collapse of Shade Ransomware is a consequence of what has been predicted after the recession process and has lost its effectiveness over the past half year. According to security expert Michael Gillespie, founder of cybersecurity organization ID Ransomware, Shade Ransomware's attack performance has been declining rapidly and continuously since the end of 2019, due to not much change. new in the way they are spread, making them easier to break down and prevent early by advanced security systems.
The number of reported infections has dropped sharplyRecently, Shade Ransomware miners have created a repository on GitHub and announced that they have stopped distributing malicious code since the end of 2019. In addition, apologies, decryption keys as well as documentation on how to Data recovery encrypted by Shade Ransomware has also been launched:
'We are the team that created a trojan encoder, commonly known as Shade Ransomware, Troldesh or Encoder.858. In fact, we stopped distribution in late 2019, and now is a good time to end this whole story. There will be more than 750,000 decryption keys, along with the software and decoding instructions released by us in the near future as a sincere apology to anyone who has been in trouble with Shade. Ransomware. In addition, all other data related to our operations (including the trojan's source code) will be completely destroyed. '
Indeed, there were 5 key decryption key groups attached to the attackers in the repository, equivalent to more than 750,000 individual decryption keys for the victims. Along with that is a detailed guide on how to use the decryption key and link to their decryption program.
Key decodeHowever, the initial assessment showed that using the decryption key is not simple, and most ordinary users will find it hard to decode the document on their own, even with relatively detailed instructions.
To help support Shade Ransomware victims, Kaspersky said it will update its RakhniDecryptor ransomware decryption tool to include these keys and make it easy for victims to recover their data for free.
If you need to download the Ransomware decryption key, you can download it here: github.com/shade-team/keys
You should read it
- Shade ransomware, the nightmare of 5 years ago is showing signs of returning
- Even DSLR cameras can be easily attacked by ransomware
- PureLocker - a very 'weird' ransomware strain that can encrypt servers
- Detecting a new ransomware strain, not asking for data ransom, but only needing the victim to join the Hacker's Discord server
- 7 kinds of ransomware you didn't expect
- Ransomware (ransomware) is showing signs of explosion worldwide, paying is no longer the most effective option.
- How to bring custom notification bar like Android Pie to all current Android versions
- How to remove Moba ransomware from the operating system
- Why is Ransomware the perfect hack?
- Learn about Ransomware: 6 ransomware on computers
- Ako ransomware is raging all over the world, what do you know about this ransomware?
- A ransomware declared decommissioned and refunded the ransom to the victim
Maybe you are interested
Dangerous 'Helldown' Ransomware Warning Expands to Linux and VMware
Detecting a new ransomware strain that specializes in stealing login information from the Chrome browser
What is extortionware? How is it different from Ransomware?
New ransomware appears attacking Windows operating system
Difference between Cyber Extortion and Ransomware
How to enable ransomware restrictions on Windows