The Avaddon ransomware gang fixes a bug that lets victims recover their files without paying the ransom. The flaw was uncovered after a security researcher exploited it to create a decryptor.
Rey Juan Carlos University’s Ph.D. student Javier Yuste published the decryptor for the Avaddon Ransomware on his GitHub page and released a report about the flaw through ArXiv.
As per Yuste’s research, Avaddon ransomware creates a unique AES256 encryption session key used to encrypt and decrypt the files when it encrypts a device. But a flaw in how the ransomware clears this key allowed Yuste to create a decryptor that recovers the key from memory as long as the system has not been shut down since being encrypted.
To Read More: BleepingComputer
