January 9, 2024 at 08:22AM
Security researchers, in collaboration with Cisco Talos, Avast, and the Netherlands police, have released an updated decryptor for the Tortilla variant of the Babuk ransomware. The decryptor, freely available online, uses a single private key that works across all victims, which makes supporting Tortilla victims straightforward. Organizations can obtain the decryptor from Avast or the No More Ransom project.
Key takeaways:
– Security researchers have developed an updated decryptor for the Babuk ransomware family’s Tortilla variant, offering a free solution for victims.
– The collaboration between Cisco Talos, Avast, and the Netherlands police led to the development of the new decryptor and the arrest of the criminals behind the variant.
– The Babuk ransomware family emerged in 2020 or 2021 and is responsible for attacks on various sectors, including healthcare, manufacturing, and critical infrastructure.
– The Tortilla variant targeted vulnerable Microsoft Exchange servers and used specific infection chain techniques.