- IBM Cloud speeds AI workloads with Intel Gaudi 3 accelerators
- Change these 5 settings on your TV for a quick and easy way to improve its picture quality
- How to disable ACR on your TV (and why doing it makes such a big difference for privacy)
- Splunk launches inventory tool to simplify OpenTelemetry monitoring
- Finally, I found an AirTag alternative that's cheaper and lasts twice as long
Nibiru ransomware variant decryptor – Cisco Blogs

Nikhil Hegde developed this tool.
Weak encryption
The Nibiru ransomware is a .NET-based malware family. It traverses directories in the local disks, encrypts files with Rijndael-256 and gives them a .Nibiru extension. Rijndael-256 is a secure encryption algorithm. However, Nibiru uses a hard-coded string “Nibiru” to compute the 32-byte key and 16-byte IV values. The decryptor program leverages this weakness to decrypt files encrypted by this variant.
Share: