Rains in the Desert: Some Takedowns, Some Shutdowns
Several reports indicate that, in the past few months, ransomware attacks and other malicious activities are surging day by day. However, there have been several positive developments such as malware shutdowns, that acted as some sign of relief. Here is a summary of some news around recent takedowns and shutdowns of notorious attack vectors.
First things first
To begin with, here are some recent shutdown incidents by the attackers themselves.
- Recently, the Ziggy ransomware operation was shut down when its admin made an announcement and released decryption keys for all victims.
- In the last month, FonixCrypter operators had released the master decryption key and claimed the shutdown and deletion of their ransomware's source code.
The superactive law enforcement agencies
- In January, law enforcement agencies from the USA and Bulgaria seized the dark web websites associated with the Netwalker ransomware operation.
- In the same month, an international operation involving law enforcement agencies in Australia, Denmark, Germany, Moldova, Switzerland, Ukraine, the U.K, and the USA had brought the DarkMarket, the world's largest illegal marketplace on the dark web, to its knees.
Bitdefender researchers had released a free decryptor that can help Darkside ransomware victims to recover their encrypted files for free, without fulfilling the ransom demand.
Be it self-realization or fear of the recent law enforcement activities, all signs point to the fact that voluntary or involuntary actions have led to the best possible outcome for the general public. However, users should not directly jump to the operators-released decrypters, which may easily contain other malware, such as backdoors, that victims might end up installing on their systems.