BankInfoSecurity
Compliance
@prajeetspeaks) •
February 5, 2021
A Fonix ransomware note displayed to victims (Source: Malwarebytes)
The Fonix ransomware gang has closed down its operations, according to Malwarebytes and Kaspersky. But security researchers warn the gang, like others, might re-emerge with new tactics.
The Fonix group released what it claims is a master decryptor key that victims of their ransomware attacks can use. Plus, Kaspersky has also released a free decryption tool that's part of the its RakhniDecryptor offering.
"The Fonix example illustrates yet again why even if you don't plan to pay the ransom (a smart choice), you should hold on to encrypted data," according to the Kaspersky report. "Not all cybercriminals repent and publish their keys (or get caught and their servers confiscated), but if the keys do become available at some point, you can use them to restore access to your information - but only if you keep it."