Kaspersky has published a free decryptor for Meow ransomware, which is based on leaked Conti ransomware source code and impacted several companies and government entities in December, according to The Record, a news site by Recorded Future.
The decryptor was developed using leaked data that Kaspersky researchers discovered late last month. The researchers noted the presence of 258 private keys in 257 different folders, with the names of companies and government agencies present in at least 34 of the folders.
Fourteen of the 257 organizations impacted by Meow ransomware were believed to have paid the ransom demanded by the attackers. Meanwhile, Recorded Future ransomware expert Allan Liska cited inadequate security measures employed by Meow ransomware as a key factor in the development of the decryptor.
"This is great work by Kaspersky and hopefully we will continue to see more of this type of activity by the public and private sectors. It looks like Kaspersky may have had access to their infrastructure, at least enough to be able to identify victims," Liska said.
Free decryptor for Conti-based ransomware released
Information purportedly stolen by Meow ransomware included client and employee data, scanned payment files, personal details, addresses, banking details, certificates, and criminal records.