New Ryuk Ransomware Strain Can’t Always Decrypt Files

CryptoMode CyrusOne Ransomware Maze No More Ransom

Ransomware has been a problem for society over the past decade . It would appear even the criminals developing such tools can make costly mistakes now and then.

A new report by security company Emsisoft pains a very interesting picture.

Ryuk Ransomware is in a Pickle

Ryuk ransomware is a very serious threat on a global basis. 

However, not all iterations of this malware can be put in the same category.

Some versions of Ryuk have been corrupted on the code level.

While it was initially assumed this was an error, it appears there is some malicious intent behind this measure.

Hackers have seemingly lost their decryption tool for Ryuk, which creates a problematic situation.

Even if a user pays the ransom in Bitcoin, they cannot recover their files as there is no decryptor available.

This issue is created through a new update made by some Ryuk distributors.

The new code calculates the length of bytes in a file incorrectly.

Because of this change, the standard decryption tool for this malware will no longer work, as it doesn’t recognize the information correctly. 

For the time being, it remains unclear how widespread these issues could be.

Anyone who deals with Ryuk ransomware is advised to backup the encrypted files just in case the decryptor doesn’t work after paying the ransom.

None of the information on this website is investment or financial advice and does not necessarily reflect the views of CryptoMode or the author. CryptoMode is not responsible for any financial losses sustained by acting on information provided on this website by its authors or clients. Always conduct your research before making financial commitments, especially with third-party reviews, presales, and other opportunities.