The ransomware developer Ziggy stops blackmail and distributes decryption keys to its victims.
Ransomware Ziggy ransomware shut down its illegal activities and distributed decryption keys to its victims, following concerns by its developer about recent police activity and fears that he would be arrested.
Over the weekend, the administrator of the Ziggy Ransomware announced on Telegram that it terminates the ransomware and will share all decryption keys. The same ransomware administrator has previously stated that his team created the ransomware to make money, as they live in a “third world country”.
After feeling guilty about his actions and expressing his concerns about recent operations against ransomware Emotet and Netwalker, the administrator decided to stop the blackmail and share all the keys.
So today, the administrator of Ziggy ransomware published an SQL file containing 922 decryption keys. For each victim, the SQL file lists three keys required to decrypt their encrypted files.
The ransomware administrator also posted one decryptor in VirusTotal where victims can use the keys listed in the SQL file.
In addition to the decryption file and SQL, the ransomware administrator shared the source code of a different decryptor that contains the decryption keys for out connectionς machineshit.
Ransomware infections use offline decryption keys to decrypt infected victims when they are not connected to the Internet or could not access the server orders and control.
