Security News
The universal decryption key for REvil's attack on Kaseya's customers has been leaked on hacking forums, allowing researchers their first glimpse of the mysterious key. On July 22nd, Kaseya obtained a universal decryption key for the ransomware attack from a mysterious "Trusted third party" and began distributing it to affected customers.
The Avaddon ransomware gang has shut down its operation and released the decryption keys for their victims to BleepingComputer.com. This file claimed to be the "Decryption Keys Ransomware Avaddon," and contained the three files shown below.
Accedian announced that its cloud-native performance monitoring and analytics platform, Skylight, will include new decryption technology to ensure end-to-end visibility on encrypted network traffic. The technology supports all Transport Layer Security versions, including TLS 1.3, allowing customers to maintain the privacy and security of encryption while still gaining valuable insight into network traffic for performance monitoring and threat detection.
The Avaddon ransomware gang has fixed a bug that let victims recover their files without paying the ransom. On Tuesday, Javier Yuste, a Ph.D. student at Rey Juan Carlos University, published a decryptor for the Avaddon Ransomware on his GitHub page and released a report describing the flaw through ArXiv.
The Ziggy ransomware operation has shut down and released the victims' decryption keys after concerns about recent law enforcement activity and guilt for encrypting victims. Over the weekend, security researcher M. Shahpasandi told BleepingComputer that the Ziggy Ransomware admin announced on Telegram that they were shutting down their operation and would be releasing all of the decryption keys.
The cybercriminals behind the Fonix ransomware have announced plans to shut down their activity, and have already released the master decryption key for the malware. Also known as FonixCrypter and Xonif, the ransomware has been operating since June 2020, with several variants observed since.
Bug hunter Tavis Ormandy of Google's Project Zero just discovered a dangerous bug in the GNU Privacy Guard team's libgcrypt encryption software. The libgcrypt library is an open-source toolkit that anyone can use, but it's probably best known as the encryption library used by the GNU Privacy Guard team's own widely deployed GnuPG software.
The Fonix Ransomware operators have shut down their operation and released the master decryption key, allowing victims to recover their files for free. The ransomware operation was not as widely active as others, such as REvil, Netwalker, or STOP, but starting in November 2020, it picked up a bit, as shown by the ID Ransomware submissions below.
Europol and the European Commission have launched a new decryption platform that will help boost Europol's ability to gain access to information stored in encrypted media collected during criminal investigations. The new decryption platform operated by Europol's European Cybercrime Centre was developed in collaboration with the European Commission's Joint Research Centre science and knowledge service.
There is a new report on police decryption capabilities: specifically, mobile device forensic tools. This report documents the widespread adoption of MDFTs by law enforcement in the United States.