I’m purposfully writing Reseda this way as I have written it this way in prior posts. But the actual spelling is Rhysida (R h y s i d a) instead.
I really need to look at this more closely when writing these up.
Anyhow, the article I spotted talks about how researchers were able to find a way to decrypt this strain of ransomware.
We’ve talked about these guys before, although they are ones for opportunity, not quantity.
Researchers, supported by the Korea Internet & Security Agency (KISA), leveraged Rhysida’s vulnerabilities to reconstruct the encryption key and restore the encrypted system “despite the prevailing belief that ransomware renders data irretrievable without paying the ransom.”
When they talk about the tool that was released, they write:
What is Rhysida?
Rhysida Ransomware is a lesser-known threat actor, which was first detected in the second quarter of 2023. The US Cybersecurity Infrastructure and Security Agency (CISA) said that Rhysida is known for going after “targets of opportunity,” including the education, healthcare, manufacturing, information technology, and government sectors. Rhysida offered its tools as a ransomware-as-a-service, and practiced double extortion.
Rhysida was behind the British Library hack. The gang also claimed multiple hospitals in the US, attacked Prince George’s Country school system and auctioned stolen data from Insomniac Games, known for Spider-Man, Spyro the Dragon, and Ratchet & Clan video games.
I’m happy to see that ransomware strains are continuing to be researched and that tools like the one talked about in this article are being developed. Since this group isn’t well talked about much, folk can get decrypted the best they can, and move on. The researchers make it clear that they can’t guarantee a 100 percent success rate, but the tool is there for people who need it.
Rhysida Ransomware cracked: researchers release free decryptor is the article. For those who you think might need this news, please pass it along. The decrypter, as always, if free.
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.