Encryption and decryption are two sides of the same coin. And ransomware operators often use encryption to take users to the dark side; however, Bitdefender is taking users towards the light. The cybersecurity firm has released a decryption tool that allows organizations to recover files encrypted by DarkSide ransomware operators without paying any ransom. The free decryptor tool automatically scans the systems for encrypted files and decrypts them.
A Light into the DarkSide Ransomware
Active since August 2020, DarkSide is a ransomware-as-a-service (RaaS) group that made millions in ransom payouts by encrypting critical files on compromised systems. According to Digital Shadows, the group earned over one million dollars via their hacking operations. The DarkSide group also made headlines for donating $10,000 in Bitcoin to charities from their profits.
Traits of DarkSide
- Uses a highly targeted approach to attack their victims.
- Custom ransomware executables are carefully prepared for each target.
- Corporate-like method of communication throughout their attacks.
How to Download the Decryptor Tool
Bitdefender made the free decryption tool available for download on its official site. To install:
“If you have checked the backup option, you will see both the encrypted and decrypted files. You can also find a log of the decryption process in the %temp%\BDRemovalTool folder. To remove the encrypted files left behind, you should search for files matching the extension and mass-remove them. We do not encourage you to do this until you made sure that your files can be opened safely and there is no damage to the decrypted files,” Bitdefender explained.