惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

F
Fortinet All Blogs
云风的 BLOG
云风的 BLOG
M
MIT News - Artificial intelligence
WordPress大学
WordPress大学
T
Tailwind CSS Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
S
Secure Thoughts
博客园 - 【当耐特】
Know Your Adversary
Know Your Adversary
NISL@THU
NISL@THU
博客园 - 司徒正美
Last Week in AI
Last Week in AI
C
Cybersecurity and Infrastructure Security Agency CISA
P
Privacy & Cybersecurity Law Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
B
Blog
The GitHub Blog
The GitHub Blog
小众软件
小众软件
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Spread Privacy
Spread Privacy
Martin Fowler
Martin Fowler
博客园 - 叶小钗
Security Archives - TechRepublic
Security Archives - TechRepublic
T
Tenable Blog
S
Securelist
博客园 - 三生石上(FineUI控件)
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Microsoft Security Blog
Microsoft Security Blog
Apple Machine Learning Research
Apple Machine Learning Research
罗磊的独立博客
T
Threat Research - Cisco Blogs
Application and Cybersecurity Blog
Application and Cybersecurity Blog
F
Full Disclosure
Cloudbric
Cloudbric
The Cloudflare Blog
Y
Y Combinator Blog
Hugging Face - Blog
Hugging Face - Blog
Microsoft Azure Blog
Microsoft Azure Blog
H
Hacker News: Front Page
腾讯CDC
L
Lohrmann on Cybersecurity
C
CERT Recently Published Vulnerability Notes
V2EX - 技术
V2EX - 技术
GbyAI
GbyAI
TaoSecurity Blog
TaoSecurity Blog
I
Intezer
The Last Watchdog
The Last Watchdog
G
GRAHAM CLULEY
Google Online Security Blog
Google Online Security Blog
T
The Blog of Author Tim Ferriss

Blog | Latest Ransomware News and Trends | Coveware

Patch management goes from hard, to ludicrous in the agentic AI era Mass Data Exfiltration Campaigns Lose Their Edge in Q4 2025 Obscura Ransomware: Why Some Data Can’t Be Recovered Insider Threats Loom while Ransom Payment Rates Plummet Targeted social engineering is en vogue as ransom payment sizes increase The organizational structure of ransomware groups is evolving rapidly. Will Law Enforcement success against ransomware continue in 2025? Clarity on ransom payment statistics within Australia Law enforcement doxxing raises risk profile for threat actors Ransomware actors pivot away from major brands in Q2 2024 RaaS devs hurt their credibility by cheating affiliates in Q1 2024 New Ransomware Reporting Requirements Kick in as Victims Increasingly Avoid Paying Scattered Ransomware Attribution Blurs Focus on IR Fundamentals Ransom Monetization Rates Fall to Record Low Despite Jump In Average Ransom Payments Big Game Hunting is back despite decreasing Ransom Payment Amounts Improved Security and Backups Result in Record Low Number of Ransomware Payments Uber Verdict Raises New Risks for Ransom Payments Fewer Ransomware Victims Pay, as Median Ransom Falls in Q2 2022 Coveware's testimony to the HSGAC on Mandatory Reporting Laws Ransomware Threat Actors Pivot from Big Game to Big Shame Hunting
Nitrogen Ransomware: ESXi malware has a bug!
Bill Siegel · 2026-02-03 · via Blog | Latest Ransomware News and Trends | Coveware

Nitrogen ransomware was derived from the previously leaked Conti 2 builder code, and is similar to Nitrogen ransomware, but a coding mistake in the ESXi malware causes it to encrypt all the files with the wrong public key, irrevocably corrupting them. This means that even the threat actor is incapable of decrypting them, and that victims that are without viable backups have no ability to recover their ESXi encrypted servers. Paying a ransom will not assist these victims, as the decryption key/ tool will not work.

Proper public/private key encryption progresses via the following common operations:

  1. The malware is run on a server full of files.

  2. For each file, the malware randomly generates a private Curve25519 key and its corresponding public key.

  3. The malware exchanges the private key with its master public key, producing a shared secret.

  4. The shared secret is used as a ChaCha8 key to encrypt the file contents.

  5. The malware saves the file public key to the file footer.

Proper public/private decryption progresses via the following operations:

  1. A decryption executable is run on a previously encrypted server full of files.

  2. The decryption tool contains the master private Curve25519 key that goes with the master public key that was used for encryption.

  3. For each file, the decryption tool exchanges the master private key with the file public key that was saved to the footer, which produces the same shared secret that was used for encryption.

  4. The shared secret can then be used as a ChaCha8 key to decrypt the file contents.

  5. The file is decrypted.

The Nitrogen ESXi Bug

Within the Nitrogen ESXi malware, the public key is stored as a stack variable at offset rsp+0x20 (shown below)

However, after the public key is loaded, another variable is stored at rsp+0x1c. It's a QWORD, so it takes up the 8 bytes from rsp+0x1c to rsp+0x24. That means 4 bytes of the public key are overwritten!  This is a clear mistake by the malware developer. 

This is what the public key looks like in memory before the instruction at `0x401890` is executed:

And this is what it looks like after it's executed:

Note the 4 bytes that have been replaced with 0x00s.

Because of this bug, the corrupted public key is used in the key exchange to encrypt each file. Normally, when a public-private Curve25519 keypair is generated, the private key is generated, first and then the public key derived subsequently based on the private key. The resulting corrupted public key wasn't generated based on a private key, it was generated by mistakenly overwriting a few bytes of another public key. The final outcome is that no one actually knows the private key that goes with the corrupted public key. Files that were encrypted with the corrupted public key can not be decrypted by any means, including by paying a ransomware. The threat actor themselves will be unable to decrypt the files in a test. 

Organizations impacted by Nitrogent Ransomware encryption must be extremely careful when analyzing their recovery options. Any ESXi encrypted files that are without viable backups, must be analyzed in conjunction with the corresponding malware that encrypted them to ascertain their status.