- Want to extend your iPhone battery life? Stop making this common mistake
- I took a chance on this Marshall Bluetooth speaker - its audio quality and design delivered
- Tj-actions Supply Chain Attack Traced Back to GitHub Token Compromise
- I changed 10 Samsung phone settings to drastically improve the user experience
- 9 principles to improve IT supplier relationship management
Nibiru ransomware variant decryptor – Cisco Blogs

Nikhil Hegde developed this tool.
Weak encryption
The Nibiru ransomware is a .NET-based malware family. It traverses directories in the local disks, encrypts files with Rijndael-256 and gives them a .Nibiru extension. Rijndael-256 is a secure encryption algorithm. However, Nibiru uses a hard-coded string “Nibiru” to compute the 32-byte key and 16-byte IV values. The decryptor program leverages this weakness to decrypt files encrypted by this variant.
Share: