Avaddon Ransomware Fixes Flaw  Enabling Free Decryption

Avaddon Ransomware Fixes Flaw Enabling Free Decryption

 The Avaddon ransomware gang fixes a bug that lets victims recover their files without paying the ransom. The flaw was uncovered after a security researcher exploited it to create a decryptor.

Rey Juan Carlos University’s Ph.D. student Javier Yuste published the decryptor for the Avaddon Ransomware on his GitHub page and released a report about the flaw through ArXiv.

As per Yuste’s research, Avaddon ransomware creates a unique AES256 encryption session key used to encrypt and decrypt the files when it encrypts a device.  But a flaw in how the ransomware clears this key allowed Yuste to create a decryptor that recovers the key from memory as long as the system has not been shut down since being encrypted.

To Read More:  BleepingComputer