Ransomware, Encryption

Novel Midnight ransomware decrypted

Norton has released a free decryption tool for the newly emergent Midnight ransomware strain after researchers from its parent firm Gen Digital discovered a vulnerability stemming from operators' attempts to accelerate and strengthen the payload's encryption capabilities, HackRead reports.

Although Midnight builds on Babuk ransomware code and integrates ChaCha20 and RSA encryption, its faulty RSA key usage enables partial decryption, according to researchers, who were able to turn the vulnerability into a practical recovery technique.

Further analysis showed that Midnight targets most files, aside from .exe, .dll, and .msi, and uses file size-based encryption. Encrypted files often have the .Midnight or .endpoint extension appended, while targeted systems were found to have a ransom note referencing file restoration and a debug log file, researchers added.

Organizations and users looking to use the free decryption tool have been advised to retain the backup option to ensure smooth data restoration.
