Kaspersky releases tool for decrypting ransomware

kaspersky releases tool for decrypting ransomware

Source code leaked last month by infighting members of the Conti gang was used to build the antidote to their attacks.

Kaspersky has published a new version of a decryption tool that helps victims of a ransomware modification based on Conti source code.

Conti is a ransomware gang that has dominated the cybercrime scene since 2019, and whose data, including the source code, was leaked in March 2022 following an internal conflict caused by the geopolitical crisis in Europe. The discovered modification was distributed by an unknown ransomware group and has been used against companies and state institutions.

In late February 2023, Kaspersky experts uncovered a new portion of leaked data published on forums. After analysing the data, which contained 258 private keys, the source code and some pre-compiled decryptors, Kaspersky released a new version of the public decryptor to help victims of this modification of Conti ransomware.

Conti appeared in late 2019 and was very active throughout 2020, accounting for more than 13% of all ransomware victims during this period. However, a year ago, once the source code was leaked, multiple modifications of Conti ransomware were created by various criminal gangs and used in their attacks.

The malware variant whose keys were leaked was discovered by Kaspersky specialists in December 2022. This strain was used in multiple attacks against companies and state institutions.

The leaked private keys are located in 257 folders (only one of these folders contains two keys). Some of them contain previously generated decryptors and several ordinary files: documents, photos, etc. Presumably the latter are test files – a couple of files that the victim sends to the attackers to make sure that the files can be decrypted.

Thirty-four of these folders have explicitly named companies and government agencies. Assuming that one folder corresponds to one victim, and that the decryptors were generated for the victims who paid the ransom, it can be suggested that14 victims out of the 257 paid the ransom to the attackers.

After analysing the data, the experts released a new version of the public decryptor to help victims of this modification of the Conti ransomware. The decryption code and all 258 keys were added to the latest build of Kaspersky’s utility RakhniDecryptor Moreover, the decryption tool has been added to Kaspersky’s No Ransom site (https://noransom.kaspersky.com).

“For many consecutive years, ransomware has remained a major tool used by cybercrooks,” says said Fedor Sinitsyn, lead malware analyst at Kaspersky. “However, because we have studied the tactics, techniques and procedures (TTPs) of various ransomware gangs and found out that many of them operate in similar ways, preventing attacks becomes easier. The decryption tool against a new Conti-based modification is already available on our No Ransom webpage. However, we would like to emphasise that the best strategy is to strengthen defenses and stop the attackers at early stages of their intrusion, preventing ransomware deployment and minimising the consequences of the attack.”

Kaspersky offers these pointers to protect yourself and your business from ransomware attacks:

  • Do not expose remote desktop services (such as RDP) to public networks unless absolutely necessary and always use strong passwords for them.
  • Promptly install available patches for commercial VPN solutions providing access for remote employees and acting as gateways in your network.
  • Focus your defense strategy on detecting lateral movements and data exfiltration to the Internet. Pay special attention to the outgoing traffic to detect cybercriminals’ connections.
  • Back up data regularly. Make sure you can quickly access it in an emergency when needed. 
  • Use solutions like Kaspersky Endpoint Detection and Response Expert and Kaspersky Managed Detection and Response service which help to identify and stop the attack on early stages, before attackers reach their final goals.
  • Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors. The Kaspersky Threat Intelligence Portal is a single point of access for Kaspersky’s TI, providing cyberattack data and insights gathered by our team for 25 years. To help businesses enable effective defenses in these turbulent times, Kaspersky has announced access to independent, continuously updated and globally sourced information on ongoing cyberattacks and threats, at no charge. Request access to this offer here.
News Related


Mother fatally shot by neighbor after yearslong feud over playing children, sheriff says

Mother fatally shot by neighbor after yearslong feud over playing children, sheriff says A Florida mother was fatally shot through a door outside a neighbor's home after what officials characterized ... Read more »

NYPD safety team making high number of unlawful stops, mostly people of color: Report

NYPD safety team making high number of unlawful stops, mostly people of color: Report New York City Mayor Eric Adams revived the unit after he took office. ByAaron Katersky and ... Read more »

Coursera co-founder Andrew Ng argues AI poses no ‘meaningful risk’ of human extinction: 'I don't get it'

Andrew Ng is globally recognized leader who has been involved in many AI projects Read more »

Recall of 137 Tesla Model Ys over issue with steering wheel fastener

Tesla manufactured the recalled Model Ys between June 2022 and May 2023 Read more »

Apple Unveils 15-Inch MacBook Air, New Mac Pro With M2 Ultra: Follow Along for WWDC Live Updates

Source: Apple We’re live from Cupertino, California, where Apple is about to kick off its annual Worldwide Developers Conference (WWDC), often called “Dub Dub” by attendees. It’s expected to announce ... Read more »

7 Habits That Secretly Annoy Massage Therapists

Habits That Secretly Annoy Your Massage Therapist Massage therapy is a growing modality in medical settings—for example, the Mayo Clinic suggests massage is an effective tool for patients coping with the pain and ... Read more »

‘To be fair they can be like 20,000. I don’t blame him’: Viewers defend man who tried out hot tubs before buying one

man trying out hot tub in store A man is going viral on TikTok for testing out filled-up hot tubs in a store with just his swim trunks on. In ... Read more »

Michael J. Fox Tragic Collapse Caught on Camera as He Admits Parkinson’s Disease is Winning the Battle

Mega Michael J. Fox suffered a tragic fall over the weekend as he appeared for a Back to the Future Q&A panel in Pennsylvania, RadarOnline.com has learned. The startling incident ... Read more »

Pilot seen slumped over in plane that triggered fighter jet chase over Washington DC

No survivors were found in the wreckage of a small aircraft carrying four people which flew over restricted territory above the US capital before crashing to the ground in the neighbouring state of Virginia. Officials have now launched an investigation into the incident. Read more »

60 Gifts That Are Selling Out On Amazon Because They're So Freaking Clever

60 Gifts That Are Selling Out On Amazon Because They’re So Freaking Clever In my opinion, the best gifts are so clever, the recipient probably hasn’t seen them before — ... Read more »

‘Ted Lasso’ May Be Done, But This Other Jason Sudeikis Comedy Just Hit #1 on Netflix

We’re still thinking about that Ted Lasso season 3 finale (which may or may not be the end of the series), and all the heartwarming moments and questions it left ... Read more »

Fox News Reporter Straight Up Asks Karine Jean-Pierre About Whether Biden Would ‘Survive’ Another Term

Fox News White House Correspondent Jacqui Heinrich asked Karine Jean-Pierre about the prospects of President Joe Biden literally surviving a second term. Heinrich pointed to Sunday’s CNN town hall featuring ... Read more »

Former Vikings First-Round Pick Has His Latest NFL Home

Former Vikings first-round pick Laquon Treadwell is still bouncing around the NFL. On Monday, he signed a one-year deal to join the Baltimore Ravens, according to multiple reports. The Vikings ... Read more »

California continues to bury residents with 'fixes' for its self-inflicted energy woes

California continues to bury residents with ‘fixes’ for its self-inflicted energy woes California’s continued energy failures are driven by a disconnect. The pie-in-the-sky worldview of environmentalists doesn’t match the reality ... Read more »

Anna Shay, Bling Empire star, dies at 62

Anna Shay, the heiress who rose to fame on the Netflix reality series Bling Empire, died unexpectedly from a stroke at the age of 62, EW can confirm. In a ... Read more »

Chrissy Teigen: DNA test showed I had a long-lost identical twin

Two Chrissy Teigen’s? The Sports Illustrated model revealed Sunday that she had a twin sister. But not everything is as it seems. Taking to Instagram Sunday, the “Cravings” author explained ... Read more »

Don't Underestimate China's Ability to Build Its Own Advanced Chips Despite U.S. Curbs, Tech Analysts Say

China may be cut off from advanced semiconductor tech but analysts are optimistic that China will still find a way to build its own. “I don’t underestimate China’s ability and ... Read more »

Cramer Says It's Still a Bull Market, But Trim a Few Tech Stocks and Profit While You Can

Despite the success of CNBC’s Jim Cramer’s “Magnificent Seven,” he said on Monday that it might be wise to trim tech stock while it’s still profitable. Even though he believes ... Read more »

California investigators suspect Florida Gov. Ron DeSantis planned the flight carrying 16 migrants who were 'dumped' outside Sacramento church

Democratic Gov. Gavin Newsom of California criticized the policies of Republican Gov. Ron DeSantis of Florida, in an interview with Insider. Justin Sullivan/Getty Images and Wilfredo Lee/AP Photo Sixteen migrants ... Read more »

‘10 dollars an hour is crazy’: Viewers defend teenage Pizza Hut worker who makes $10 per hour

woman preparing pizza at pizza hut Working as a teenager can be liberating. Earning your own money, building skills that many don’t obtain until their mid-20s, and gaining a measure ... Read more »

'Stop Cop City' activists pack Atlanta City Hall ahead of crucial vote

Protesters gather outside Atlanta City Hall ahead of a council vote over whether to approve public funding for the construction of a proposed police and firefighter training center, Monday, June ... Read more »

New York Yankees Could Lose Aaron Judge to Injured List Again With New Ailment

A fantastic play has come with consequences. New York Yankees superstar Aaron Judge is dealing with a right big toe injury that could potentially land him back on the injured ... Read more »

Jake Tapper Creeped Out by Brianna Keilar’s Analogy for Crowded GOP Race: ‘I Do Not Thank You for That’

Jake Tapper did not care for Brianna Keilar’s analogy for the growing 2024 Republican primary field on Monday’s edition of CNN News Central. This week, a handful of candidates are ... Read more »

You Can Download the iOS 17 Developer Beta on Your iPhone Right Now

iOS 17 was announced Monday at WWDC 2023. Tharon Green/CNET Not wanting to lose any time, Apple has just released the first developer beta for iOS 17, shortly after announcing ... Read more »

Why 22.8 Million Americans Might Have Just Gotten a Big Credit Score Boost

A person typing on a laptop while sitting comfortably on a couch. There are different factors that go into calculating a credit score. These include length of credit history, new ... Read more »

Bannon Goes to War With House Republicans, Wants Primary Opponents for MTG, Jim Jordan, and Others Over Debt Vote

Bannon Goes to War With House Republicans, Wants Primary Opponents for MTG, Jim Jordan, and Others Over Debt Vote Former Trump campaign manager Steve Bannon declared Monday that he wants ... Read more »

Florida officials mum as second migrant flight arrives in Sacramento

“[Ron DeSantis] you small, pathetic man,” California Gov. Gavin Newsom wrote in a tweet Monday. TALLAHASSEE, Fla. — A second plane full of migrants from the Texas border landed in ... Read more »

Texas sheriff calls for charges after DeSantis migrant flights

Texas sheriff calls for charges after DeSantis migrant flights The sheriff’s office in Bexar County, Texas, has filed a criminal case with the county’s district attorney over a 2022 incident ... Read more »

‘They are way more dangerous than anybody knows’: Mom almost loses child to water bead toy. She says Target marked it on sale and restocked the shelves

Woman Holding Baby. Target Retail Store A mother claimed that after her infant child nearly died from accidentally ingesting a singular water bead, the company sent their condolences and Target ... Read more »

AI should be licensed like medicines or nuclear power, Labour suggests

Photograph: Yuichiro Chino/Getty Images The UK should bar technology developers from working on advanced artificial intelligence tools unless they have a licence to do so, Labour has said. Ministers should ... Read more »
Kênh kiến thức kỹ năng, phát triển bản thân, hướng nghiệp, blog nhân sự