Decryptor released for Maze, Egregor, and Sekhmet ransomware strains

A decryptor has been released for the Maze, Sekhmet, and Egregor ransomware after someone published the master decryption keys in a BleepingComputer forum post

ZDNet Recommends

Around 6:30 yesterday evening, someone identifying themselves as “Topleak” said, “It was decided to release keys to the public for Egregor, Maze, Sekhmet ransomware families.” 

“Each archive with keys have corresponding keys inside the numeric folders which equal to advert id in the config. In the “OLD” folder of maze leak is keys for it’s old version with e-mail based. Consider to make decryptor first for this one, because there were too many regular PC users for this version,” the user wrote. 

“Since it will raise too much clues and most of them will be false, it is necessary to emphasize that it is planned leak, and have no any connections to recent arrests and takedowns. M0yv source is a bonus, because there was no any major source code of resident software for years now, so here we go. Neither of our team member will never return to this kind of activity, it was pleasant to work with you. All source code of tools ever made is wiped out.”

Cybersecurity company Emsisoft created a

Read More: https://www.zdnet.com/article/decryptor-for-maze-egregor-and-sekhmet-ransomware-strains-released/#ftag=RSSbaffb68