For all those linux based websites that were recently attacked by the ransomware Linux.Encoder.1, a crack has been found. A free tool is now available that can help you in decrypting the files of your website(s). The malware researchers from Bitdefender have detected an error in the way the ransomware is encrypting the files.
The malware makes use of the Advanced Encryption Standard (AES). This encryption uses one key for both the encryption and decryption. Then the same algorithm encrypts the AES key. The researchers have found that the malware uses the time and date as the source of random data for encryption. They were successful in getting the AES keys to decrypt the files and thus a crack for the malware. The tool is written in Python.
The Bitdefender researchers mentioned in their blog while giving detailed steps to use the tool, “If you can boot your compromised operating system, download the script and run it under the root user”.
Although there is a fair chance of new ransomware with the currently detected error rectified may soon surface, but for now there can be sigh of relief as Linux.Encoder.1 ransomware cracked.