FunkSec ransomware victims are getting a break via a decryptor released by cybersecurity experts at Avast. This week, Avast said it is working with law enforcement agencies to help the alleged 113 victims of the ransomware gang decrypt their files. Ladislav Zezula — a malware researcher at Avast’s parent company Gen — wrote that the ransomware “is now considered dead” after emerging in early December. The decryptor was shared by the EU’s European Cybercrime Centre and added to its large No More Ransom repository with dozens of ransomware decryptors. The report links to research claiming the FunkSec ransomware was written in part using artificial intelligence. Deepwatch’s Frankie Sclafani added that FunkSec illustrated the power of AI to automate malicious code generation and the crafting hyper-realistic phishing attacks. The group listed Recorded Future News and a reporter on its leak site following coverage of the group’s emergence but did not claim to have stolen any information. Last week, Japanese law enforcement created another decryptor for the Phobos ransomware. The FunkSec gang claimed to have attacked institutions across Europe, including several universities in France and other businesses. The company did not respond to requests for comment about what caused the actors behind the ransomware to move on. The report also supported the earlier theories that FunkSec developers likely used AI in creating the malware. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.
This Cyber News was published on therecord.media. Publication date: Wed, 30 Jul 2025 13:45:38 +0000