If Villariba and Villabaggio had suffered from the MegaCortex ransomware, then they would really have had a holiday, since the specialists of the Romanian antivirus company Bitdefender released a free decryptor.

In the course of collaboration with Europol and researchers from the NoMoreRansom project, Bitdefender specialists managed to create a decryptor and now everyone can (in Russia via VPN) use the decryptor by downloading it from the official website.

For the first time, the MegaCortex family of cryptographers came into view in 2019.

Back then, the FBI was warned about attacks on the private sector.

Moreover, MegaCortex operators almost from the very beginning used the tactics of double extortion: not only encrypted files, but also stole internal data. Of the known extortion attempts, from 20 thousand to 5.8 million dollars were asked for decryption.

It is quite simple to use the decryptor, since it is a standalone executable file that does not require installation and offers to automatically find encrypted files in the system.

In addition, the decoder has a Scan Entire System mode that allows users to search for corrupted files throughout the system.

The decryptor can also create backup copies of encrypted files for security purposes in case something goes wrong during decryption, which can lead to damage to files beyond recovery.

Nevertheless, it is strongly recommended from the instructions to first make a backup copy of all affected files, and only then proceed to decryption. 

Without a doubt, this is good news that will make life easier for someone, but BitDefender has not reported how and from where they got the private keys for the MegaCortex decryptor.

This is probably due to the arrest in October 2021 of 12 people responsible for more than 1,800 ransomware attacks in 71 countries, many of which used the MegaCortex strain.