Resource Center

Shade Ransomware Operators Apologize and Release 750K Keys

May 4, 2020 2:30:00 PM

Shade, a type of ransomware, has been making headlines. Recently, the developers and operators of the malware that has operated since 2014 decided to up and quit. Further, after making a public apology on GitHub, they have released 750,000 encryption keys to those currently affected by the hack.

An Overview

In 2014, a ransomware that encrypts files and adds various extensions to them was discovered. This became known as Shade, and for several years, only targeted primarily Russian victims. However, it quickly grew into one of the top three encryptors in that area. Last year, according to research done by the Palo Alto Network, Shade expanded by going after targets across the globe, including the United States, Canada, India, and Japan.

“We are the team which created a trojan-encryptor mostly known as Shade, Troldesh or Encoder.858. In fact, we stopped its distribution at the end of 2019.” the actors stated. “All other data related to our activity (including the source codes of the trojan) was irrevocably destroyed. We apologize to all the victims of the trojan and hope that the keys we published will help them to recover their data.”

The Keys

The 750,000 keys released each likely represent one attack. This displays how widespread this malware truly was. While no specific reason has been narrowed down for this sudden change of heart, the motive doesn’t matter. This is a huge victory for the “good guys,” regardless.

In addition to supplying the keys along with a formal apology, the malicious actors posted detailed instructions to assist in the removal of the ransomware currently affecting what is thought to be nearly three-quarters of a million people. The operators even went as far as to provide a note explaining that if a victim is still having problems decrypting their files, to patiently wait for cyber security companies to post tools utilizing the keys provided for an easier decryption experience.

If you are worried about your risk when it comes to cyber security, don’t worry. There are plenty of things you can do to stay proactive in maintaining your online security. Reach out to AvantGuard today to see what we offer, and what solutions we offer to keep you secure.

Take advantage of our robust library of industry and AG related news, articles, webinars and other resources available through our resource center to enhance your success.  You will also discover valuable insights and content you can share with your subscribers through your website, newsletters, and emails.

Receive more useful content like this by signing up for our weekly AG Newsletter below: