Ziggy Ransomware Shuts Down and All Decryption Keys Released for Free

  • The next ransomware group to wave the white flag is “Ziggy,” citing reasons of an ethical nature.
  • The admin has released all decryption keys in an SQL file and has also provided a decryptor tool.
  • The group states that they only did what they did out of necessity, not out of wickedness.

The Ziggy ransomware group has decided to end its malicious operations, and today, the administrator of the project has posted an SQL file that contains 922 decryption keys. This covers all victims of the particular ransomware strain, giving three keys for each of them, as Ziggy has a three-level encryption process.

Moreover, the hacker has promised to release the source code of the malware soon, for educational purposes. The shared decryptor may be flagged as malicious by some AV engines, but it appears to be clean.

Credits: @M_Shahpasandi | Twitter

If you want to be sure that you won’t be infected by additional malware, you can wait for a security firm to release a safe decryptor. These are always free, so you just need to be patient for a couple more days. We can confirm that Michael Gillespie is working on developing a safe decryptor, so we will see something on Emsisoft’s site soon.

Source: BleepingComputer

BleepingComputer has communicated with the Ziggy ransomware operators, trying to figure out why they are giving up now. As a representative explained, they only started this malicious operation as a way to escape poverty in the third-world country they live in.

Thus, they claim they never stopped feeling bad about their victims and the consequences of their actions. Ethical qualms are the same reason that allegedly led the FonixCrypter ransomware group to shut down, but this may not be the complete story.

The bust of EMOTET and NetWalker actors has sent strong turbulence across the field, as malicious actors realize that no matter where they’re based and how well they think they’re hiding when operating online, law enforcement authorities could find them.

So, both Ziggy and FonixCrypter may have just given up due to their fear of being caught, not because of feelings of regret. BleepingComputer says the two groups know each other as they are from the same country, so seeing them both out isn't a coincidence.

Whatever the case, the good thing is that all Ziggy victims can now decrypt their files without paying a ransom to the crooks. If you’re going for it right now, make sure to back up your encrypted files and try the decryption on copies, as something going wrong in the process may render them permanently unrecoverable.
