The Ziggy Ransomware
admin announced on Telegram that they were shutting down their operation and would be releasing all of the decryption keys.
The group's self surrender was apparently motivated by guilt and fear of legal repercussion. The administrator of the Ziggy group said that he felt guilty about their actions and expressed concerns over global law enforcement efforts, which recently saw take down Emotet
affiliates. Following the announcement, the Ziggy ransomware admin released an SQL file containing 922 decryption keys, 340 of which are unique IDs.
Ziggy administrators also release a decryption tool, which is a little buggy and requires a specialist to operate. However Emsisoft release a decryptor for Ziggy that is easy to use and stable.
Download Ziggy Ransomware Decryptor