skip to Main Content

Cybercrime, AstraLocker is closing its ransomware operations

AstraLocker is closing its ransomware operations. BleepingComputer cybersecurity experts: The malware group submitted a ZIP archive with the decryptors to VirusTotal and now it plans to switch to cryptojacking

AstraLocker is closing its ransomware operations and it plans to switch to cryptojacking. It has been unveiled by BleepingComputer cybersecurity experts, who had contacts with the cybercrime operator behind the malware. Furthermore, the developer submitted a ZIP archive with the decryptors to the VirusTotal malware analysis platform. BleepingComputer downloaded the archive and confirmed that the decryptors are legitimate and working after testing one of them against files encrypted in a recent AstroLocker campaign. “It was fun, and fun things always end sometime. I’m closing the operation, decryptors are in zip files, clean. I will come back,” the developer said. “I’m done with ransomware for now. I’m going in cryptojaking lol.” No official reason for the closure of the operation has been submitted. Researchers, however, believe it could be linked to the fact that the spotlight has recently turned on the group and, as a result, there could be problems with the police force.

Back To Top