Does Protection Help As Much As We Think In Security?
Does Protection Help As Much As We Think In Security?
November 18, 2020
Back from vacation: Analyzing Emotet’s activity in 2020
Back from vacation: Analyzing Emotet’s activity in 2020
November 19, 2020
Does Protection Help As Much As We Think In Security?
Does Protection Help As Much As We Think In Security?
November 18, 2020
Back from vacation: Analyzing Emotet’s activity in 2020
Back from vacation: Analyzing Emotet’s activity in 2020
November 19, 2020

Nibiru ransomware variant decryptor

Categories
Tags
Nibiru ransomware variant decryptor

Nikhil Hegde developed this tool.

Weak encryption

The Nibiru ransomware is a .NET-based malware family. It traverses directories in the local disks, encrypts files with Rijndael-256 and gives them a .Nibiru extension. Rijndael-256 is a secure encryption algorithm. However, Nibiru uses a hard-coded string “Nibiru” to compute the 32-byte key and 16-byte IV values. The decryptor program leverages this weakness to decrypt files encrypted by this variant.

Read more

glocompmarketing
glocompmarketing