- The most popular gaming console on Amazon right now may surprise you
- One of the best ultraportable laptops I've tested this year isn't by Asus or Lenovo
- Bell Canada’s Transformation Journey with Routed Optical Networking
- Are your Venmo transactions still public? Here's why - and how - to change that ASAP
- LG's Gram Pro has record-breaking portability, but that's not my favorite feature (and it's on sale)
Nibiru ransomware variant decryptor – Cisco Blogs
Nikhil Hegde developed this tool.
Weak encryption
The Nibiru ransomware is a .NET-based malware family. It traverses directories in the local disks, encrypts files with Rijndael-256 and gives them a .Nibiru extension. Rijndael-256 is a secure encryption algorithm. However, Nibiru uses a hard-coded string “Nibiru” to compute the 32-byte key and 16-byte IV values. The decryptor program leverages this weakness to decrypt files encrypted by this variant.
Share: