Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Decrypter. Show all posts

Contact Key Verification: Boosting iMessage Security

Apple has taken another significant step towards improving the security of its messaging platform, iMessage. The introduction of Contact Key Verification adds an extra layer of security to iMessage conversations, protecting user data and privacy. In this article, we will explore what Contact Key Verification is and why it matters.

iMessage is a popular messaging platform known for its end-to-end encryption, which ensures that only the sender and the recipient can read the messages. With the new Contact Key Verification feature, Apple is making iMessage even more secure by allowing users to verify the identity of the person they are messaging with.

Contact Key Verification uses public key cryptography to establish a secure connection between the sender and receiver. Each iMessage user has a unique public key, which is stored on Apple's servers. When a user sends a message, their public key is used to encrypt the message. The recipient's device then uses their private key to decrypt and read the message. This ensures that only the intended recipient can access the content.

But what Contact Key Verification does differently is that it allows users to confirm that the public key used for encryption belongs to the person they intend to communicate with. This extra layer of verification prevents man-in-the-middle attacks, where an attacker intercepts and decrypts messages meant for someone else.

The implementation of Contact Key Verification is simple. Users can access the feature by tapping on the contact's name or picture in the chat. They can then view the contact's key and verify it through various methods like scanning a QR code or comparing a series of numbers with the contact in person.

This additional security feature is essential in today's digital landscape, where data breaches and cyberattacks are increasingly common. It ensures that even if someone gains access to your device, they cannot impersonate you or read your messages without proper verification.

Apple's commitment to user privacy is evident in this move. By giving users control over their message security, they are ensuring that iMessage remains one of the most secure messaging platforms available. Moreover, the public key infrastructure used in Contact Key Verification is a proven method for securing digital communications.



Free MortalKombat Ransomware Decryptor Released

An open-source universal decryptor for the newly discovered MortalKombat malware, which encrypts files, has been made available by the Romanian cybersecurity firm Bitdefender. The virus has been employed on dozens of victims in the United States, United Kingdom, Turkey, and the Philippines, as per a recent Cisco analysis.

Emails with malware ZIP attachments containing BAT loader scripts are sent to random users by MortalKombat distributors. When the script is run, it will download and run the Laplas Clipper and ransomware binaries on the computer.

Although it has been identified since 2010, Xorist is disseminated as a ransomware constructor, enabling online threat actors to design and alter their own variant of the malware. The MortalKombat decryptor is a standalone executable that doesn't require installation on affected devices. The user may optionally choose a specific place holding backed-up encrypted data. It offers to scan the entire filesystem to find files infected by MortalKombat.

In addition, Bitdefender said that the malware has a clipboard-monitoring feature that targets users of cryptocurrencies particularly. The emails include references to expired cryptocurrency payments and attachments that resemble CointPayments transaction numbers but conceal the malware payload. The ransomware, which encrypts all of a PC's data, including those in virtual machines and the recycle bin, is downloaded by the software after its launch. It takes the victim's background and replaces it with a Mortal Kombat 11 image, hence the name.

In a study by PCrisk, Cisco discovered a leaked version of the Xorist builder, where the builder interface options closely mirrored an actual Xorist ransomware building interface. The creator creates an executable ransomware file that the attackers can further modify. Notably, MortalKombat was used in recent attacks by an unidentified financially motivated malicious attacker as a part of a phishing operation targeted at multiple companies.

Free Decrypter Released for the TargetCompany Ransomware

 

Good news for the TargetCompany victims, Czech cybersecurity software firm Avast has recently released a free decryptor tool that will facilitate victims of the TargetCompany (Tohnici) ransomware in recovering files without paying the ransom demand. 

Initially discovered in June 2021, the Tohnici ransomware group has wreaked havoc on its victims ––companies and consumers alike, despite being one of the smaller ransomware gangs that are active presently. 

The Czech cybersecurity has confirmed that it has created the app, called a decrypter after one of its customers was breached by the ransomware attack and needed a way to recover their files. However, the organization has warned its customers that the free utilities (decryptor tools) are limited; the features can only be used to recover encrypted files “under certain circumstances.” 

The firm further said that the victims who want to recover their files should keep in mind that the process of recovering files is resource-intensive and time-consuming too. 

“During password cracking, all your available processor cores will spend most of their computing power to find the decryption password. The cracking process may take a large amount of time, up to tens of hours...,” Avast said. "...On the final wizard page, you can opt-in whether you want to backup encrypted files. These backups may help if anything goes wrong during the decryption process.” 

In order to bring the decrypter tool, Avast reported to the press that it has reverse-engineered the TargetCompany ransomware, and its novel encryption scheme has been made up of a mix between the ChaCha20, AES-128, and Curve25519 algorithms. 

If you are the victim of the TargetCompany ransomware attack, you can recover your files without paying anything. Just download the decryption tool from Avast’s servers (64-bit or 32-bit) and both servers will work for versions of the TargetCompany ransomware that encrypted files with the architek, brg, exploit, and mallox file extensions.