Welcome to Smokey's Security Forums.
Guests only have limited access to the board and it's features, please consider registering to gain full access!
Registration is free and it only takes a few moments to complete.

Smokey's Security Forums

Please login or register.

Login with username, password and session length
Advanced search  

News:

Amazon's app store compromises Android security

It's dangerous to go alone outside Google's protective walled garden, but it's the price you pay for free software.
Ask almost any security expert, and they'll tell you switching on "unknown sources" on your Android phone or tablet is one of the worst things you can do for device security.

Amazon's app store compromises Android security

Malware Log Analysis & Removal Help * Ransomware Encryption & Decrytion Techniques * Official Jetico Inc. Support Forums

Share this topic on FacebookShare this topic on MySpaceShare this topic on RedditShare this topic on TwitterAuthorTopic: Avast Releases AES_NI Ransomware Decrytor After Author Dumps Master Keys  (Read 43 times)

0 Members and 1 Guest are viewing this topic.

GilbertTopic starter

  • Updates Moderator
  • *
  • Offline Offline
  • location: Arctic
  • Posts: 30513
Avast Releases AES_NI Ransomware Decrytor After Author Dumps Master Keys
30 May 2017, 11:33 am

Just as ransomware has rapidly turned into a full-on phenomenon, the war against this type of cyber attacks has grown too. In fact, Avast announced a brand new decryptor tool for the AES_NI ransomware, possible thanks to the public dump of the master private key a few days ago.

This particular ransomware family was first spotted in December 2016, with multiple variants having been detected in the wild since then. You can tell if you've been attacked by it if your encrypted files have one of these file extensions - example.docx.aes_ni, example.docx.aes256, or example.docx.aes_ni_0day. 

As Avast's researchers explain, the ransomware generates an RSA session key for each machine it infects. This session key is then encrypted and saved to a file to the Program Data folder. 

"Unlike rest of the encrypted files, this file's AES key needs to be decrypted using a master private key, which was published on May 25 2017 by the Twitter user @AES___NI," Avast Softpedia News / Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<
 

* Permissions
You can't post new topics.
You can't post replies.
You can't post attachments.
You can't modify your posts.
BBCode Enabled
Smilies Enabled
[img] Enabled
HTML Disabled


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2017 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by Meg&Millie - Emma aka Tinker

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques

    

  

Smokey's also provides free fully qualified FRST (Farbar Recovery Scan Tool) Log / Malware Analysis & Removal Help and System Health Checks
rifle
rifle
rifle
rifle