Free Decryptor Released for Atom Silo and LockFile Ransomware


Avast has just released a decryption tool that will help AtomSilo and LockFile ransomware victims recover some of their files for free without having to pay a ransom.

Avast released another decryption tool earlier today to help Babuk ransomware victims recover their files for free.

As the Czech cybersecurity software firm explained, this decryptor may not be able to decrypt files with an unknown or proprietary format, or with no format at all.


“During the decryption process, the Avast AtomSilo decryptor relies on a known file format in order to verify that the file was successfully decrypted. For that reason, some files may not be decrypted,” Avast’s Threat Intelligence Team said.

The decryptor works for both ransomware strains because they are very similar, even though the groups deploying them on victims’ networks use different attack tactics.

Avast Threat Labs said this ransomware decryptor was created in collaboration with RE-CERT malware analyst Jiří Vinopal, who found a weakness in the AtomSilo ransomware earlier this month.

AtomSilo and LockFile victims can download the decryption tool from Avast’s servers and decrypt entire disk partitions using the instructions displayed within the decryptor’s UI.

BleepingComputer tested the tool and recovered files encrypted with an Atom Silo sample using Avast’s free decryptor.

Avast Atom Silo decryptor (BleepingComputer)

The LockFile ransomware operation was first seen in July 2021, when the gang was spotted taking over Windows domains and encrypting devices after exploiting servers unpatched against the ProxyShell and PetitPotam vulnerabilities.

When encrypting files, LockFile ransomware will append the .lockfile extension to the encrypted files’ names and drop ransom notes named using the ‘[victim_name]-LOCKFILE-README.hta’ format.
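A triage sketch built on the two filename indicators described above, added here as an example and not taken from Avast, BleepingComputer or any vendor tool. It walks a directory tree, lists files carrying the appended `.lockfile` extension together with their original names, and extracts the victim name from ransom notes; the function names, the case-insensitive matching and the sample tree are assumptions made for the illustration.

```python
import os
import re
import tempfile
from collections import Counter

ENCRYPTED_SUFFIX = ".lockfile"
# '[victim_name]-LOCKFILE-README.hta' expressed as a case-insensitive pattern
NOTE_RE = re.compile(r"^(?P<victim>.+)-LOCKFILE-README\.hta$", re.IGNORECASE)


def scan_tree(root):
    """Walk root and collect LockFile filename indicators without opening any file."""
    encrypted, notes, victims, per_dir = [], [], set(), Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            match = NOTE_RE.match(name)
            if match:
                notes.append(path)
                victims.add(match.group("victim"))
            elif (name.lower().endswith(ENCRYPTED_SUFFIX)
                  and len(name) > len(ENCRYPTED_SUFFIX)):
                # The original file name is whatever precedes the appended extension.
                encrypted.append((path, name[:-len(ENCRYPTED_SUFFIX)]))
                per_dir[dirpath] += 1
    return {"encrypted": encrypted, "notes": notes,
            "victims": sorted(victims), "per_dir": dict(per_dir)}


def build_sample_tree(root):
    """Constructed sample data: empty placeholder files, not real ransomware output."""
    layout = [
        "share/finance/q3.xlsx.lockfile",
        "share/finance/budget.docx.LOCKFILE",   # same extension, different case
        "share/finance/notes.txt",              # untouched file
        "share/hr/roster.pdf.lockfile",
        "share/ACME-LOCKFILE-README.hta",       # ransom note, victim name "ACME"
        "share/lockfile-notes.md",              # benign look-alike, must not match
    ]
    for rel in layout:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        report = scan_tree(tmp)
        print(len(report["encrypted"]), "encrypted files,",
              len(report["notes"]), "ransom notes, victims:", report["victims"])
        for directory, count in sorted(report["per_dir"].items()):
            print(f"  {count:3d}  {os.path.relpath(directory, tmp)}")
```

The per-directory counts give a quick view of which shares were hit, which helps scope what to back up before pointing a decryptor at a partition.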


Of particular interest is that LockFile’s color scheme and ransom note layout are very similar to the LockBit ransomware. However, there does not appear to be any relation between the two groups.

Atom Silo is a newly spotted ransomware gang whose operators have recently targeted Confluence Server and Data Center servers vulnerable to a now-patched and actively exploited bug.

The ransomware used by Atom Silo is almost identical to LockFile, according to SophosLabs researchers.

However, Atom Silo operators use novel techniques that make it extremely difficult to investigate their attacks, including side-loading malicious dynamic-link libraries that disrupt endpoint protection solutions.
