Fonix ransomware operators decided to shut down their operation and release the master decryption key for free, the infected users.
Fonix ransomware operators decided to shut down their operation and release the master decryption key for free, the infected users.
Fonix admin also said that not every one of them is happy with the group shutting down.
The admin behind the Twitter account claimed that one of the group's admins was running a Telegram channel and scamming other people on the platform by selling fake sources and data.
Fonix admins also stated that the shut down could cause members to join other ransomware affiliate programs or splinter off and create their separate operations.
Since they are shutting down, they have also decided to give away the master decryption key to all of their victims for free, which enables them to retrieve the files lost when they were attacked by the group and that it will be available to the public.
The decryption tool released will not allow a victim to decrypt the entire computer.
The tool that can only decrypt one file simultaneously to show they can indeed unlock their devices.
In a different tweet, the Fonix admin bio shared a link to a RAR archive named 'Fonix_decrypter.rar' containing both a decryptor and the master private decryption key.
Emisosft's decrypter will decrypt all versions of the ransomware, which include the .Fonix, .FONIX, .repter, .XINOF encrypted file extensions.
The admin handling the Twitter account has sent out another tweet advising its followers to send them a private message on the platform if they need help with using the tool, but they have not said when the exact decryptor will be sent out.
Fonix ransomware also known as Xinof and FonixCrypter, began encrypting victims in June 2020.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?