Jul 10, 2024 1 min read

Avast successfully developed a decryptor for the DoNex ransomware family, identifying a flaw that allowed victims to recover their files without charge. Previously known as Muse and DarkRace, DoNex, which emerged in April 2022, targeted individuals and organizations, causing disruptions mainly in the US, Italy, and Belgium. By encrypting files with a ChaCha20 symmetric key and further securing the symmetric file key with RSA-4096 encryption, the ransomware demanded a ransom for file decryption. Avast’s decryptor has been distributed in secrecy since March 2024, in collaboration with law enforcement, to avoid alerting the ransomware authors. The company also provided the public with Indicators of Compromise to help identify and mitigate this security threat.

Source: https://securityaffairs.com/165469/malware/donex-ransomware-decryptor.html

"id": "ava915071024",
"linkid": "avast",
"type": "Ransomware",
"date": "7/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"

Join the conversation

Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.