The malicious actors behind Shade ransomware made an unusual announcement on GitHub, not only publishing all 750,000 decryptor keys for the malware but apologizing for their criminal actions.
“We are the team which created a trojan-encryptor mostly known as Shade, Troldesh or Encoder.858. In fact, we stopped its distribution in the end of 2019.” the operators purportedly posted. “All other data related to our activity (including the source codes of the trojan) was irrevocably destroyed. We apologize to all the victims of the trojan and hope that the keys we published will help them to recover their data.”
Each key decryptor likely represents one attack making Shade particularly virulent during its time. The group gave no reason for its sudden change of heart and Shahrokh Shahidzadeh, CEO at Acceptto, said the reasoning doesn’t matter.
“Net-net this is a great win for the good guys. No matter what the motives of the operators of the Shade (Troldesh) ransomware, we will take it,” he told SC Media. “While this might mean that they are out of the game for good, it’s not the first time that a group of attackers ..
Support the originator by clicking the read the rest link below.
