Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm

February 20, 2022

Researchers have detailed what they call the “first effective try” at decrypting data infected with Hive ransomware without relying on the private key used to lock access to the content.

“We were able to recover the master key for generating the file encryption key without the attacker’s private key, by using a cryptographic vulnerability identified through analysis,” a team of academics from South Korea’s Kookmin College said in a new paper analyzing its encryption process.

Hive, like other cybercriminal groups, operates a ransomware-as-a-service that uses various mechanisms to compromise business networks, exfiltrate data, and encrypt data on the networks, and attempts to collect a ransom in exchange for access to the decryption software.


It was first observed in June 2021, when it struck a company named Altus Team. Hive leverages a range of initial compromise methods, including vulnerable RDP servers, compromised VPN credentials, as well as phishing emails with malicious attachments.

The group also practices the increasingly lucrative scheme of double extortion, whereby the actors go beyond just encryption by also exfiltrating sensitive victim data and threatening to leak the information on their Tor site, “HiveLeaks.”


As of October 16, 2021, the Hive RaaS program has victimized at least 355 companies, with the group securing the eighth spot among the top 10 ransomware strains by revenue in 2021, according to blockchain analytics company Chainalysis.

The malicious activities associated with the group have also prompted the U.S. Federal Bureau of Investigation (FBI) to release a Flash report detailing the attacks’ modus operandi, noting how the ransomware terminates processes related to backups, anti-virus, and file copying to facilitate encryption.

The cryptographic vulnerability identified by the researchers concerns the mechanism by which the master keys are generated and stored, with the ransomware strain only encrypting select portions of the file as opposed to the entire contents using two keystreams derived from the master key.


“For each file encryption process, two keystreams from the master key are needed,” the researchers explained. “Two keystreams are created by selecting two random offsets from the master key and extracting 0x100000 bytes (1MiB) and 0x400 bytes (1KiB) from the selected offset, respectively.”

The encryption keystream, which is created from an XOR operation of the two keystreams, is then XORed with the data in alternate blocks to generate the encrypted file. But this technique also makes it possible to guess the keystreams and restore the master key, in turn enabling the decoding of encrypted files without the attacker’s private key.

The researchers said that they were able to weaponize the flaw to devise a method to reliably recover more than 95% of the keys used during encryption.

“The master key recovered 92% succeeded in decrypting about 72% of the files, the master key restored 96% succeeded in decrypting close to 82% of the files, and the master key restored 98% succeeded in decrypting roughly 98% of the files,” the researchers said.
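The following is an added illustration, not code from the researchers' paper or from this article, of why deriving every file's keystream from slices of one fixed master key is weak: each file with a known original yields XOR relations between master-key positions, and those relations chain together to decrypt a file encrypted at offsets never seen before. The sizes are scaled down, the offsets and file contents are constructed, and the model assumes the shorter slice repeats cyclically, that offsets are known, and that whole files are encrypted.

```python
import os

# Scaled-down, constructed sizes (the article gives 0x100000 and 0x400 for the real slices).
MASTER_LEN, KS1_LEN, KS2_LEN = 512, 128, 16

def keystream(master, o1, o2, n):
    # Article: the encryption keystream is the XOR of two master-key slices.
    # Modelling assumption: the shorter slice repeats cyclically.
    return bytes(master[o1 + i % KS1_LEN] ^ master[o2 + i % KS2_LEN] for i in range(n))

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class XorLinks:
    """Union-find that stores master[i] ^ master[parent(i)] on each edge."""
    def __init__(self, n):
        self.parent, self.diff = list(range(n)), [0] * n

    def find(self, i):
        path = []
        while self.parent[i] != i:
            path.append(i)
            i = self.parent[i]
        acc = 0
        for j in reversed(path):            # compress the path, keeping XOR-to-root
            acc ^= self.diff[j]
            self.parent[j], self.diff[j] = i, acc
        return i, acc

    def relate(self, a, b, v):              # learned: master[a] ^ master[b] == v
        (ra, da), (rb, db) = self.find(a), self.find(b)
        if ra != rb:
            self.parent[ra], self.diff[ra] = rb, da ^ db ^ v

    def pair(self, a, b):                   # master[a] ^ master[b], or None if unlinked
        (ra, da), (rb, db) = self.find(a), self.find(b)
        return da ^ db if ra == rb else None

def demo():
    master = os.urandom(MASTER_LEN)         # stands in for the unknown master key
    links = XorLinks(MASTER_LEN)
    for o1, o2 in [(0, 200), (1, 200)]:     # files with a known original, e.g. from backup
        plain = os.urandom(KS1_LEN)
        cipher = xor(plain, keystream(master, o1, o2, KS1_LEN))
        for i, v in enumerate(xor(plain, cipher)):   # plaintext ^ ciphertext = keystream
            links.relate(o1 + i % KS1_LEN, o2 + i % KS2_LEN, v)
    secret = b"constructed sample: payroll-2021.xlsx"
    cipher = xor(secret, keystream(master, 40, 70, len(secret)))  # unseen offset pair
    ks = [links.pair(40 + i, 70 + i % KS2_LEN) for i in range(len(secret))]
    return secret, xor(cipher, bytes(ks)), links.pair(400, 450)
```

`demo()` returns the original bytes, the bytes recovered without ever reading `master`, and `None` for a pair of positions that no known file has linked, which is why recovery coverage depends on how much of the master key the available files touch.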



Some sections of this report are sourced from:
thehackernews.com
