After a free decryptor for Avaddon ransomware was published by a Ph.D. student at Rey Juan Carlos University, the malware developers have announced they have found the flaw in the process and are patching it. The previous decryption process relied on dumping the process memory and extracting the unique AES256 key used to encrypt the files with this decryption process now published. The malware authors better understand how to secure the encryption process after reading the technical research that the researcher published. The malware authors assured their affiliates that since they fixed the flaw, no other victims should be able to decrypt their files for free, and as way to compensate those who failed to receive ransom payments from victims, the Avaddon developers would be temporarily increasing the revenue share to 80% for affiliates who have “suffered” losses due to the free decryptor’s availability.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in