Free decryptor for victims of MegaCortex ransomware released

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Free decryptor for victims of MegaCortex ransomware released

The experts at security firm Bitdefender have released a universal decryptor for victims of the MegaCortex family of ransomware.

MegaCortex, which was first spotted in early 2019, was posing such a threat to businesses by the end of that year that the FBI issued a warning that the ransomware was exploiting security weaknesses, stolen passwords, and phishing attacks to establish a foothold within networks.

MegaCortex’s creators appear to be fans of The Matrix. Not only is it seemingly named after MetaCortex – the software company that Keanu Reeve’s character worked for at the start of the film – but the ransom note also references quotes from the movie.

Megacortex ransom
MegaCortex ransom note

If your business was infected though, you probably wouldn’t be in the mood for chowing down on some popcorn. MegaCortex would have encrypted your files, and could have exfiltrated information from your network, and disabled your users’ access rights.

It’s estimated that MegaCortex is responsible for some 1800 ransomware infections, mostly targeting businesses.

But now there’s a fix that can unlock those encrypted files, and it doesn’t involve paying a ransom to cybercriminal extortionists.

Sign up to our free newsletter.
Security news, advice, and tips.

The security researchers at Bitdefender, in co-operation with Europol, the NoMoreRansom project, and law enforcement agencies in Zurich, have released a free MegaCortex decryption tool.

By the way, if you have been hit by ransomware it is always worth checking in with the NoMoreRansom project.

NoMoreRansom has what is probably the most definitive public list of ransomware decryption tools available.

It should go without saying that you should always back up your important data (even if encrypted) before running any decryption tool.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.