Free decryptor for victims of MegaCortex ransomware released

Graham cluley
Graham Cluley
@
@[email protected]
@gcluley

Free decryptor for victims of MegaCortex ransomware released

The experts at security firm Bitdefender have released a universal decryptor for victims of the MegaCortex family of ransomware.

MegaCortex, which was first spotted in early 2019, was posing such a threat to businesses by the end of that year that the FBI issued a warning that the ransomware was exploiting security weaknesses, stolen passwords, and phishing attacks to establish a foothold within networks.

MegaCortex’s creators appear to be fans of The Matrix. Not only is it seemingly named after MetaCortex – the software company that Keanu Reeve’s character worked for at the start of the film – but the ransom note also references quotes from the movie.

Megacortex ransom
MegaCortex ransom note

If your business was infected though, you probably wouldn’t be in the mood for chowing down on some popcorn. MegaCortex would have encrypted your files, and could have exfiltrated information from your network, and disabled your users’ access rights.

It’s estimated that MegaCortex is responsible for some 1800 ransomware infections, mostly targeting businesses.

But now there’s a fix that can unlock those encrypted files, and it doesn’t involve paying a ransom to cybercriminal extortionists.

Sign up to our free newsletter.
Security news, advice, and tips.

The security researchers at Bitdefender, in co-operation with Europol, the NoMoreRansom project, and law enforcement agencies in Zurich, have released a free MegaCortex decryption tool.

By the way, if you have been hit by ransomware it is always worth checking in with the NoMoreRansom project.

NoMoreRansom has what is probably the most definitive public list of ransomware decryption tools available.

It should go without saying that you should always back up your important data (even if encrypted) before running any decryption tool.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.


Graham Cluley is a veteran of the cybersecurity industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.