Dridex and Locky Botnet Has Vanished; Decryption Keys No Longer Available
Posted by: Timothy Weaver on 06/10/2016 12:51 PM
The botnet that delivered the Dridex and Locky malware seems to have disappeared.
Researchers at FireEye said that spam campaigns for both have not been seen since June 1st, but they have no idea how the botnet was taken down.
The downside of the takedown is that anyone victimized by either malware will not be able to get the key to clear their systems.
“Victims of the Locky ransomware in the past have been able to pay to get their data back, but now with the infrastructure being taken offline it is unclear whether the crypto keys have been preserved or if there is anyone to distribute them,” said Tripwire security researcher Craig Young.
Coincidentally, on June 1st, Russian authorities arrested 50 hackers who were responsible for the loss of $25 million in banking funds. It is possible, but unconfirmed, that the arrests are related to the takedown of the bot network.
According to Young: “It is entirely possible that its operators have been spooked by law enforcement (or other) actions and have simply wiped all of the systems they used for running the criminal campaign.”
Source: SCMagazine