Administrator of Ziggy ransomware announced the closure and announced the decryption key and refund victims
Ransomware is currently attacking cities around the world, and most ransomware has gone from being a widespread network to attack companies.
After all, only companies can pay a high ransom to prevent their data from leaking or being unable to decrypt. As for ordinary consumers, most of them simply reinstall the system.
However, the consequences of ransomware attacks against individuals or companies are serious. If caught by law enforcement agencies, the next step is to sit in prison.
Based on this situation, Ziggy, the ransomware development team, recently announced that the ransomware team has announced all the keys and is preparing to issue a refund.
The ransomware team recently announced the release of all decryption keys. The database provided by the team contains a total of 922 decryption keys corresponding to 922 victims.
At the same time, the developer also provides a decryptor to guide the victim to use the decryption key with the master key, so that all the encrypted system files can be unlocked.
In addition to publishing the decryption key and the master key, the developer also published the source code of the ransomware. After testing by a security expert, it was confirmed that the decryptor and the key were genuine.
Security experts say that it is a good thing to release the decryption key either voluntarily or involuntarily, which means that the victims of the ransomware can decrypt the files.
Moreover, it has been verified that the decryptor is effective and does not contain other backdoors, so the victim does not need to worry. Some security software has already developed a dedicated decryptor.
The main reason for the administrator of Ziggy ransomware to wash hands is that law enforcement agencies recently arrested the developers of Emotet and Netwalker ransomware, which may cause some developers to worry.
In order to continue to reduce the possibility of being caught, the ransomware team is also preparing to refund all victims, that is, all victims who have paid the ransom can get a refund.
The ransomware stated in the latest announcement that as long as the ransom has been paid, a refund can be obtained. The victim needs to provide screenshots and computer numbers to send to the designated mailbox.
After receiving the email, they will return the bitcoin money paid by the victim to the wallet where the victim paid, and the victim can exchange it into fiat currency again at that time.
Tracking by the security company showed that Ziggy only became active in November last year, mainly targeting corporate users and reaching 340 victims in just three months.