
Master Keys for Crysis ransomware released on a forum


Researchers at security firm ESET have discovered that someone has released 200 master keys for the latest variants of the prominent Crysis ransomware.

The release comes while security experts continue to investigate the WannaCry attack. Files encrypted by these Crysis variants have the .wallet and .onion extensions added to their original names.

Antivirus firm ESET has used the leaked information to develop the ESET Crysis decrypting tool, which is available for download on the company's “utilities page.”

The master keys were posted by a new member of a forum at BleepingComputer.com that aims to help victims of this threat.

This is the third time that someone has published master keys for the Crysis ransomware.

“This has become a habit of the Crysis operators lately – with this being the third time keys were released in this manner. Since the last set of decryption keys was published, Crysis ransomware attacks have been detected by our systems over ten thousand times.” reads the blog post published by ESET.

Decryption tools allow victims of the ransomware-based campaigns to restore their files without paying the ransom to the criminal organizations.

Recently, Quarkslab researcher Adrien Guinet published a tool called Wanadecrypt, which he used to recover the decryption key required to restore the files on an infected XP computer. The expert successfully tested Wanadecrypt on a small number of infected XP computers, but it is not clear if the technique works on every PC.

The technique devised by Adrien Guinet allows victims to retrieve the secret encryption keys used by the WannaCry ransomware for free; it works on Windows XP, Windows 7, Windows Vista, Windows Server 2003 and 2008 operating systems.

Security researcher Benjamin Delpy developed another tool, called WanaKiwi, that not only retrieves the prime numbers from memory but also automates the whole decryption process for WannaCry-infected files.

WanaKiwi works on Windows XP, Windows 7, Windows Vista, Windows Server 2003 and 2008 as explained by Matt Suiche from security firm Comae Technologies.
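
Why recovering a prime from memory is enough to rebuild the key, shown as an added example that is not code from Wanadecrypt, WanaKiwi or the original article: any run of bytes in a memory dump that divides the public RSA modulus is one of its prime factors, and the private exponent follows from it. The toy 64-bit primes, the public exponent, the dump layout and all function names are assumptions constructed for illustration.

```python
# Added illustration: recover an RSA private key from a prime left in memory.
# All values below are constructed toy data, not real ransomware key material.

P = 2**61 - 1    # constructed toy prime (8 bytes)
Q = 2**64 - 59   # constructed toy prime (8 bytes)
E = 65537        # assumed public exponent


def find_prime_in_dump(dump, modulus, prime_len):
    """Slide a prime_len-byte window over the dump and return (offset, p, q)
    for the first window whose value is a non-trivial divisor of modulus."""
    for off in range(len(dump) - prime_len + 1):
        window = dump[off:off + prime_len]
        # Byte order of the in-memory prime is an assumption, so try both.
        for order in ("little", "big"):
            cand = int.from_bytes(window, order)
            if 1 < cand < modulus and modulus % cand == 0:
                return off, cand, modulus // cand
    return None  # no factor present in the dump: recovery is not possible


def private_exponent(p, q, e=E):
    """Rebuild d from the recovered factors (Python 3.8+ for pow(e, -1, m))."""
    return pow(e, -1, (p - 1) * (q - 1))


def build_sample_dump():
    """Constructed 'memory dump': filler bytes with P stored little-endian."""
    filler = bytes(range(256)) * 4
    pad = b"\x00" * 8
    return filler + pad + P.to_bytes(8, "little") + pad + filler


def demo():
    modulus = P * Q                      # the public modulus is known
    hit = find_prime_in_dump(build_sample_dump(), modulus, prime_len=8)
    if hit is None:
        return None
    off, p, q = hit
    d = private_exponent(p, q)
    secret = 0x1337C0DE                  # stand-in for a wrapped file key
    recovered = pow(pow(secret, E, modulus), d, modulus)
    return off, p, q, recovered == secret


if __name__ == "__main__":
    print(demo())
```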

Despite the efforts of law enforcement and security firms in the fight against ransomware, this category of malware remains one of the most dangerous computer threats. Prevention is essential in keeping users safe.

“Prevention is essential in keeping users safe. Therefore, we recommend that all users keep their operating systems and software updated, use reliable security solutions with multiple layers of protection, and regularly back up all important and valuable data at an offline location (such as external storage).” concluded ESET.


Pierluigi Paganini

(Security Affairs – Crysis ransomware, hacking)
