After authorities seized servers belonging to Encryptor Rass, a Ransomware-as-a-Service cybercriminal website, the operator of the site decided to shut down the whole service and deleted the master decryption key, which would allow victims to recover their data. Even if ransomware victims were willing to pay, they couldn’t since the decryption key is deleted.
Encryptor Raas started in July 2015, however, it became a major player only a year later. Cybersecurity firm Trend Micro had conducted a research on the website and helped law enforcement authorities seize the servers. According to the company, the Encryptor Raas admin made a careless mistake. He left one of the servers storing valuable information unprotected online. He forgot to hide it using the Tor network.
According to Trend Micro, the server named “Encryptor RaaS Decryptor” was easy to find via Shodan, a search engine where users can find IoT (internet of things) devices. The firm added that anyone who knows what to look for could find the server with ease. The security company contacted law enforcement agencies in Europe and in the US that reached the cloud service provider where the server was hosted and seized it.
After the law enforcement operation, the Encryptor Raas admin