acm-header
Sign In

Communications of the ACM

ACM TechNews

Coding Bug Helped Researchers Build Secret BlackMatter Ransomware Decryption Tool


A representation of the BlackMatter ransomware operation.

Once it had discovered the vulnerability, Emsisoft alerted law enforcement, ransomware negotiations firms, incident response firms, national computer emergency readiness teams (CERTs), and trusted partners with information about its decryption capabilitie

Credit: tesorion.nl

Researchers at the cybersecurity firm Emsisoft helped recover encrypted files of victims of the BlackMatter ransomware operation.

The researchers determined that a vulnerability in BlackMatter's encryption process allowed encrypted files to be recovered without victims paying the ransom.

They did not announce the vulnerability when it was discovered earlier this year for fear the BlackMatter group would issue a fix.

Emsisoft's Fabian Wosar said, "Since then, we have been busy helping BlackMatter victims recover their data. With the help of law enforcement agencies, CERTs [computer emergency readiness teams], and private sector partners in multiple countries, we were able to reach numerous victims, helping them avoid tens of millions of dollars in demands."

From Tech Crunch
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 

No entries found