On June 25th, Dutch cybersecurity company Tesorion posted a blog about the Lorenz ransomware family and the code behind its file encryption. After their analysis Tesorion was successfully able to decrypt files locked by Lorenz due to flaws in the encryption implementation. While this is fantastic news, it also came with a catch: files with a size divisible by 48 bytes before the encryption would also be corrupted because of those same encryption flaws. Tesorion ended the blog with the promise of releasing the decryptor to the public for free, and as of yesterday, it has been added to the No More Ransom Project.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is