Daily Tech News, Interviews, Reviews and Updates

The decryption keys for the ransomware Maze, Egregor, and Sekhmet have been released, Here is how you can get it

Security
By Team Tech Outlook
The decryption keys for the ransomware Maze, Egregor, and Sekhmet have been released, Here is how you can get it

Another indicator that hackers are shaken by recent law enforcement activity is the publication of a decryptor for the Maze, Egregor, and Sekhmet ransomware families.

Maze was originally regarded as one of the most active and well-known ransomware organisations. The gang acquired notoriety for pioneering the double-extortion strategy, in which hackers first exfiltrate a victim’s data then threatening to publish the stolen files unless a ransom is paid. Typical ransomware gangs infect a victim’s computer with file-encrypting malware and demand cryptocurrency in exchange for the victim’s files.

Egregor debuted in September 2020, just as the Maze operation was winding down, and used the same double-extortion strategy as its predecessor. Despite the fact that the operation claimed a number of victims, including Ubisoft, Barnes & Noble, Kmart, and Vancouver’s subway system, it was short-lived, as some members of Egregor were apprehended in Ukraine in February 2021.

Sekhmet, which debuted in March 2020, has a lot in common with Maze and Egregor. Although it appeared before the latter, cybersecurity researchers have noticed similarities in the two in terms of methods, obfuscation, API calls, and ransom notes.

In a Bleeping Computer forum post on Wednesday, someone claiming to be “Topleak,” the developer of all three ransomware families, revealed decryption keys for all three ransomware families.

“Because it will raise too many clues, the majority of which will be false, it is necessary to emphasise that it is a planned leak, with no connections to recent arrests and takedowns,” Topleak said, adding that none of their team members will ever return to ransomware and that all of the source code for their ransomware has been destroyed.

Emsisoft has provided a decryptor to allow victims of Maze, Egregor, and Sekhmet to retrieve their files for free, after confirming that the decryption keys are genuine.

According to Brett Callow, a ransomware expert and threat analyst at Emsisoft, the release of the decryption keys is just another indicator that hackers are worried.

“While the gang says that the release of the keys has nothing to do with REvil’s recent arrests – yeah, right. “The reality is that both their costs and dangers are rising,” Callow remarked. “Ransomware grew in popularity because thieves could operate with near-complete impunity. That isn’t the case now. While the situation is far from addressed, the risk/reward ratio now has significantly more ‘risk.'”

Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More
Team Tech Outlook 5402 posts

Our aim is to showcase our love towards technology, but also love to post about Science,Web, Gadgets, Blogs, Interviews, reviews, and many more. Also we try to grow this tech community and help people in choosing the right Techies!

You might also like
Security

[Update- resolved]Motorola’s X Handle Falls Victim to Crypto Phishing Scam

Apps

Google Officially Rolls Out New Safety Features In Chrome

Security

macOS Security at Risk: Cthulhu Stealer Malware Targets Apple Users

Crypto

McDonald’s Instagram Account hacked, resulting in a $7,00,000 Cryptocurrency Scam

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More