{"id":5468,"date":"2021-10-27T14:44:55","date_gmt":"2021-10-27T05:44:55","guid":{"rendered":"https:\/\/cyberenso.jp\/?p=5468"},"modified":"2021-12-06T14:46:37","modified_gmt":"2021-12-06T05:46:37","slug":"avast-releases-free-babuk-ransomware-decryptor-based-on-leaked-source-code","status":"publish","type":"post","link":"https:\/\/cyberenso.jp\/en\/avast-releases-free-babuk-ransomware-decryptor-based-on-leaked-source-code\/","title":{"rendered":"Avast releases free Babuk ransomware decryptor based on leaked source code"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"5468\" class=\"elementor elementor-5468\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-2e0d751 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"2e0d751\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-150817d\" data-id=\"150817d\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-9b51bf4 elementor-widget elementor-widget-text-editor\" data-id=\"9b51bf4\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>On Wednesday 27<sup>th<\/sup> of October 2021, Avast, a Czech cybersecurity software firm announced that they had released a free decryption tool for Babuk ransomware victims based on leaked source code and decryption keys. The decryptor is valid for victims who have had their files encrypted by the Babuk ransomware that used the following extensions: .babuk, .babyk, .doydo.<\/p><p>The source code for the ransomware that the Babuk gang uses was leaked on a Russian-speaking hacking forum in September by a threat actor who claimed to be a member of the Babuk ransomware group who was motivated to leak the source code by his terminal cancer condition.<\/p><p>The archive that contained the leaked source code included different Visual Studio projects for VMware ESXi, NAS, and Windows encryptors, and full source code for Windows encryptor, decryptor, and private and public key generators. Researchers also believe that the leak also included encryptors and decryptors compiled for specific victims of the ransomware gang.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>On Wednesday 27th of October 2021, Avast, a Czech cybersecurity software firm announced that they had released a free decryption tool for Babuk ransomware victims based on leaked source code and decryption keys. The decryptor is valid for victims who have had their files encrypted by the Babuk ransomware that used the following extensions: .babuk, .babyk, .doydo. The source code<span class=\"excerpt-hellip\"> [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":5473,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,10,12,16,9,2,3],"tags":[],"class_list":["post-5468","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-latest_news","category-latest_vulnerabilities","category-read_article","category-read_case_studies","category-ransomware_criminals","category-ce_news","category-ce_read"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2021\/12\/Picture2.jpg?fit=1379%2C919&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/5468"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=5468"}],"version-history":[{"count":6,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/5468\/revisions"}],"predecessor-version":[{"id":5476,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/5468\/revisions\/5476"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/5473"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=5468"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=5468"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=5468"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}