AstraLocker ransomware operators shut down their operations


AstraLocker ransomware operators told BleepingComputer they’re shutting down the operation and provided decryptors to the VirusTotal malware analysis platform.

AstraLocker is based on the source code of the Babuk Locker (Babyk) ransomware that was leaked online on June 2021.

BleepingComputer tested the decryptors and confirmed they are legitimate. The threat actors behind Astralocker told BleepingCompyter that they plan to abandon the extortion and switch to cryptojacking.

The real reason behind the decision to cease the operation could be the pressure by law enforcement in response to their recent attacks.

Read more…