Register now for better personalized quote!

Ransomware decryption: This tool could help some BianLian ransomware victims get files back

Jan, 18, 2023 Hi-network.com
Image: Getty

Cybersecurity analysts have released a decryptor for BianLian ransomware that could allow victims to retrieve their encrypted files for free -- and avoid paying a ransom demand to cyber criminals. 

BianLian first appeared in August last year, with a series of attacks claiming victims in industries including media, manufacturing, and healthcare. The attacks have hit organizations around the world, with victims in countries such as the US, Australia, and the UK. 

Targeting Windows systems, and written in open-source programming language Go, BianLian uses an encryption technique that divides files into chunks, which helps it to encrypt systems at high speed, as well as helping it to avoid detection before the encryption has been completed. 

Security

  • 8 habits of highly secure remote workers
  • How to find and remove spyware from your phone
  • The best VPN services: How do the top 5 compare?
  • How to find out if you are involved in a data breach -- and what to do next

Once this process is completed, victims are presented with a ransom note telling them they've been hit with ransomware and that they need to contact the attackers to "restore" their data. Options for doing this include an encrypted messaging app or email.  

Also: Ransomware has now become a problem for everyone, and not just tech

The BianLian attackers also warn victims that they've stolen data and will publish it if they don't receive a ransom payment within 10 days. 

But now victims have the chance to retrieve their files without paying the ransom, because cybersecurity researchers at Avast have developed and released a free BianLian ransomware decryption tool. 

However, the researchers warn that the decryptor can only restore files encrypted by a known variant of the BianLian ransomware -- new versions that appear won't be decrypted by the tool in its current state.

"For new victims, it may be necessary to find the ransomware binary on the hard drive; however, because the ransomware deletes itself after encryption, it may be difficult to do so," said a blog post by Avast Threat Research. 

Also: Ransomware: Why it's still a big threat, and where the gangs are going next

The free BianLian ransomware decryptor is available to download from Avast -- and the company says it's actively looking for new samples to update the decryptor, so it can be used against more attacks. 

Ransomware continues to be a major cybersecurity threat to organizations around the world, but falling victim isn't inevitable.  

Steps that organizations can take to avoid falling victim include protecting user accounts with multi-factor authentication, ensuring that common or easily guessable passwords aren't being used, and applying security updates, which protect systems against known vulnerabilities, as soon as possible. 

MORE ON CYBERSECURITY

  • Ransomware decryption tool: Victims of MegaCortex can now unlock their files for free
  • Ransomware: This is how half of attacks begin, and this is how you can stop them
  • The real cost of ransomware is even bigger than we realised
  • This company was hit by ransomware. Here's what they did next, and why they didn't pay up
  • Police tricked a ransomware gang into handing over its decryption keys. Here's how they did it

tag-icon Hot Tags : Tech Security

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.