A bug was detected in the Avaddon ransomware that let users recover files encrypted by the ransomware without paying the ransom.
Javier Yuste, a Ph.D. student at Rey Juan Carlos University, exploited the flaw and released the decryptor on his GitHub page on Tuesday.
According to the research, the Avaddon ransomware uses the AES256 encryption algorithm to encrypt and decrypt the files.
A flaw in how the ransomware clears this key allowed Yuste to create a decryption tool. However, the tool works only if the computer has not been shut down after being encrypted.
Unfortunately, not everyone was able to take advantage of this finding: just a day after the decryptor's release, the Avaddon ransomware developer posted to a hacker forum that they had fixed the flaw.
The malicious authors wrote in their forum that “neither the decryptor, nor such close attention will stop us. On the contrary, we analyzed the situation, identified weaknesses and found a solution. We have already implemented a solution to the problem that will make decryption by third-party means impossible.”
Threat actors read the same security news as you do, so as soon as they hear about bugs or flaws in their software, they immediately work on a fix.
Therefore, those who successfully create a decryption tool need to contact antivirus companies, incident response firms and law enforcement, who can help the victims privately, rather than publishing it and revealing to the ransomware developers how to fix the flaws.