July 8, 2024 at 08:51AM
Avast researchers have provided decryptors for victims of the DoNex ransomware, a threat that has undergone several rebrands and targeted victims in various countries. The decryptor is freely available and can be run as administrator, with the password-cracking process recommended for the 64-bit version due to its memory-intensive nature.
Based on the meeting notes, here are the key takeaways:
1. Avast researchers identified a flaw in the cryptography of the DoNex ransomware, leading to the provision of decryptors to victims.
2. DoNex has undergone multiple rebrands and is associated with previous versions such as Muse and DarkRace, displaying little effort in developing a novel strain throughout its lifecycle.
3. The ransom note of the fake versions of DoNex showed similarities with the genuine LockBit article, suggesting a lack of originality.
If you need any further information or specific details, feel free to ask.