Profero successfully decrypted DarkBit ransomware, enabling recovery of a victim's files without ransom payment. The attack, linked to Iranian state-sponsored actors, used a unique encryption method that Profero exploited. Because the affected VMware ESXi server files are sparse, a significant amount of data was recovered. Profero is offering assistance to future victims but will not publicly release the decryptor.
Entropy triage is a novel method developed by MOXFIVE to repair files corrupted by failed ransomware encryption using Shannon entropy to select usable data blocks. By automating the reconstruction process, this technique has achieved over 90% success in restoring virtual disks that standard decryptors cannot fix. However, it requires specialized skills and has limitations regarding the type of data it can recover.
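The block-selection idea behind entropy triage, as an added sketch that is not MOXFIVE's tooling: it assumes the candidates are the damaged file and a decryptor's output over it, a 4 KiB block size and a 7.0 bits/byte cutoff. The sample data and the keystream standing in for a cipher are constructed.

```python
import hashlib
import math
from collections import Counter

BLOCK = 4096  # assumed block size
HIGH = 7.0    # assumed bits/byte above which a block still looks encrypted

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def triage(candidates, block=BLOCK, high=HIGH):
    """Per block, keep the lowest-entropy candidate.
    Returns (rebuilt, chosen candidate index per block, unresolved block numbers)."""
    size = len(candidates[0])
    if any(len(c) != size for c in candidates):
        raise ValueError("candidates must have equal length")
    rebuilt, chosen, unresolved = bytearray(), [], []
    for off in range(0, size, block):
        scores = [shannon_entropy(c[off:off + block]) for c in candidates]
        best = scores.index(min(scores))
        if scores[best] > high:  # every candidate looks random: cannot decide
            unresolved.append(off // block)
        chosen.append(best)
        rebuilt += candidates[best][off:off + block]
    return bytes(rebuilt), chosen, unresolved

def keystream(n: int, seed: bytes) -> bytes:
    """Deterministic pseudo-random bytes; a constructed stand-in for a cipher."""
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def demo():
    """Constructed sample: 4 text blocks plus 1 already high-entropy block."""
    text = (b"2024-01-01 host=esx01 event=vm_snapshot status=ok\n" * 500)[:4 * BLOCK]
    original = text + keystream(BLOCK, b"compressed-data")
    ks = keystream(len(original), b"ransom-key")
    # Failed encryption: only blocks 0 and 2 were actually encrypted.
    damaged = b"".join(
        xor(original[o:o + BLOCK], ks[o:o + BLOCK]) if o // BLOCK in (0, 2) else original[o:o + BLOCK]
        for o in range(0, len(original), BLOCK))
    decrypted = xor(damaged, ks)  # decryptor applied blindly to the whole file
    return original, triage([damaged, decrypted])

if __name__ == "__main__":
    original, (rebuilt, chosen, unresolved) = demo()
    print(chosen, unresolved, rebuilt[:4 * BLOCK] == original[:4 * BLOCK])
```

The last block is reported as unresolved because legitimately compressed or encrypted data looks random in every candidate, which illustrates the data-type limitation mentioned above.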