180 total views
Dutch cybersecurity company Tesorion has released a free decryptor for the Lorenz ransomware that helps victims recover some stolen data without having to pay a ransom.
Lorenz is a human-operated ransomware that started operating in April 2021. Since then, 12 victims have had their information stolen and leaked. Lorenz ransomware’s activity has been decreasing in recent times compared to other ransomware.
The Lorenz ransomware decryption tool can be downloaded from NoMoreRansome, allowing victims to recover some encrypted files.
Unlike other ransomware decryptors, which include a real decryption key, Tesorion’s decrypter works and can only decrypt certain file types.
BleepingComputer quotes Tesorion expert Gijs Rijnders as saying that only common files will be decrypted: Office documents, PDF files, certain types of images and movie files. However, it still allows victims to recover important files.
As you can see below, the decoder can decode common file types, such as XLS and XLSX files, without any problem. However, it will not decode unknown file types or those with uncommon file structures.
In addition to providing a decrypter, Tesorion also provides detailed information on the encryption technique used by the Lorenz ransomware.
In a blog post, Rijnders explains that a bug in the encryption implementation can cause data to be lost, so the file is not decrypted even if the victim has paid the ransom.
“This error produces files that are a multiple of 48 bytes in size, where the last element will be lost. Even if you obtain the decryptor of the ransomware attack, these bytes are still unrecoverable. ” – Rijnders information.
#Free #Lorenz #ransomware #decryption #tool #helps #victims #recover #stolen #data