The Ragnarok ransomware gang has shut down its operations and wiped its leak site clean without providing a reason behind the decision.
More importantly, the ransomware gang has left behind a master key so that victims can finally decrypt files that have been locked up in the gang's malware.
The ransomware gang has been around since January of last year and has been infamous for stealing one terabyte-worth of files from video gaming company Capcom.
Ragnarok Ransomware Gang Shuts Down Operations
The Ragnarok ransomware gang has shut down its operations though "it seems like the gang did not plan on shutting down today and just wiped everything and shut down their operation," according to a report by BleepingComputer.
Unlike fellow ransomware gangs who have shut down, such as GandCrab and Maze, the Ragnarok ransomware gang did not leave any note explaining the sudden shutdown of its operations.
Prior to the shutdown, the gang's leak site showed 12 victims from countries such as the United States, France, Malaysia, Italy, Spain, and more. According to a report by TechRadar, the Ragnarok ransomware gang does this "to shame victims into paying to decrypt their files."
The Ragnarok ransomware gang has been notorious since last year for exploiting a Citrix ADC vulnerability.
One of its most famous victims has been the video game company Capcom. The Ragnarok ransomware gang stole one terabyte-worth of files from Capcom in November 2020.
Ragnarok Ransomware Gang Leaves Behind Master Key
According to the BleepingComputer report, everything on the leak site has been wiped and replaced by "brief text linking to an archive containing the master key and the accompanying binaries for using it."
Per the report, ransomware expert Michael Gillespie has confirmed that it contains the master decryption key. The report also adds that a universal decryptor for the victims of the Ragnarok ransomware gang is currently being worked on.
What is Ransomware?
Ransomware has been defined by Trend Micro as "a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files until a ransom is paid."
A 2019 report by Tech Times showed that 71% of ransomware attacks are focused on small businesses. Year 2021 and even the previous year, however, have shown ransomware gangs focusing on bigger companies.
Some of the most infamous ransomware gangs include REvil, which attacked IT company Kaseya just as the U.S. was celebrating the 4th of July, and the Cl0p ransomware gang, whose members had been arrested in Ukraine in June.
The arrests of some of its members have not stopped the Cl0p ransomware gang, who proceeded to release even more stolen data even after the police caught their members.
Also Read: Ransomware Roundup: Cl0p Releases New Stolen Data; EU, US to Team Up Against Attacks
This article is owned by Tech Times
Written by Isabella James