Romanian cybersecurity company Bitdefender has released a free decryptor for the MegaCortex ransomware.
The MegaCortex ransomware first appeared in January 2019 with a few interesting attributes, including the use of a signed executable as part of the payload, and an offer of security consulting services from the malware author. The ransomware used both automated and manual components to infect as many victims as possible. The MegaCortex ransomware is being targeted at corporations rather than individual users and may possibly be leveraging networks that have already been compromised in a previous attack using Emotet and Qakbot malware.
The creation of the decryptor was the combined work of Bitdefender analysts and experts from Europol, the NoMoreRansom Project, and the Zürich Public Prosecutor’s Office and Cantonal Police.
Using the decryptor is pretty straightforward, as it’s a standalone executable that doesn’t require installation and offers to locate encrypted files on the system automatically.
Moreover, the decryptor can back up the encrypted files for safety in case something goes wrong in the decryption process that could corrupt the files beyond recovery.
Also, for those who attempted to decrypt their files previously with mixed success, the new decryptor offers an advanced setting to replace them with clean files.
You may download the tool from this page and read the user manual for more details on using Bitdefender’s MegaCortex decryptor.
