The Spanish student Javier Yuste has released a free decryption tool for the Avaddon ransomware that can be used by the victims to recover their encrypted files for free.
The utility developed by the experts dumps the RAM memory of the infected system and scans it for data that could allow to recover the encryption key.
“If enough information is recovered, the tool can then be used to decrypt files and help victims recover from Avaddon attacks without needing to pay the gang’s ransom demand.”
The Avaddon ransomware operators were informed of the availability of the decrypted and released an update for the code of their malware that makes the tool inefficient.
Multiple security experts pointed out that the decision to publicly release decryption tools is not a good option when the decryptor exploit some flaws in the malware code, because it could help ransomware operators to fix the issues.
The fact that the Avaddon ransomware operators quickly addressed their code demonstrate the efficiency of their operations.