How many times have the government and intel firms warned us that decryptors provided by ransomware gangs do not always work and a significant percentage of victims wind up not recovering all their files even though they paid the ransom? Here’s another example from The Register, where an unnamed victim company paid the Hazard ransomware gang for a decryptor that didn’t work due to a bug in the decryptor:
The infected organization obtained an updated version of the decryptor, but that wasn’t working either. A third-party company that had been involved in the ransomware negotiations called in GuidePoint, which first tried the criminals’ “technical support” desk and told them that the victim needed a different version of the decryptor.
But instead of providing a tool to unlock the encrypted files, the criminals sent over a renamed version of the previous decryptor. “And at that point, they went quiet and were no longer communicating with the victim,” Lance said.
Read more at The Register.