fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Fonix Ransomware Shuts Down And Releases Master Decryption Key

Fonix Ransomware Shuts Down And Releases Master Decryption Key

The Fonix Ransomware operators have shut down their operation and released the master decryption allowing victims to recover their files for free.

Fonix Ransomware, also known as Xinof and FonixCrypter, began operating in June 2020 and has been steadily encrypting victims since. The ransomware operation was not as widely active as others, such as REvil, Netwalker, or STOP, but starting in November 2020, it picked up a bit, as shown by the ID Ransomware submissions below.

ID Ransomware submission stats

Also Read: What Do 4 Messaging Apps Get From You? Read The iOS Privacy App Labels

This afternoon, a Twitter user claiming to be a Fonix ransomware admin announced that the ransomware had shut down.

The message shared in the image reads:

I’m one fonix team admins.
you know about fonix team but we have come to the conclusion.
we should use our abilities in positive ways and help others.
Also rans0mware source is completely deleted, but some of team members are disagree with closure of the project, like telegram channel admin who trying to scam people in telegram channel by selling fake source and data.
Anyway now main admin has decided to put all previous work aside and decrypt all infected systems at no cost.
And the decryption key will be available to the public.
The final statement of the team will be announced soon.

Regards-FonixTeam

According to the message, some of the ‘members’ of the ransomware operation were not happy that it was shutting down.

This shutdown could cause members to join other ransomware affiliate programs or splinter off and create a new operation.

Master keys work, decryptor is a mess

In a different tweet, the Fonix admin shared a link to a RAR archive named ‘Fonix_decrypter.rar’ containing both a decryptor and the master private decryption key.

Fonix Decryptor archive

This decryption tool is not a decryptor that can be used by a victim to decrypt their files easily but is instead an admin tool used internally by the ransomware gang.

Most ransomware operations allow victims to send a few encrypted files that they will decrypt for free to prove that they can do so.

The decryptor released tonight is the Fonix Ransomware operators’ tool when performing these free test decryption and does not allow a victim to decrypt an entire computer.

Fonix ransomware’s Admin decryptor

Even considering that it can only decrypt one file simultaneously, from our tests of the decryptor, it has very confusing instructions and is prone to crashing.

Also Read: Key PDPA Amendments 2019/2020 You Should Know

The good news is that Michael Gillespie has told BleepingComputer that the master keys work but only on some Fonix ransomware versions.

However, Emisosft’s decryptor will decrypt all versions of the ransomware, which include the .Fonix, .FONIX, .repter, .XINOF encrypted file extensions.

There is no ETA as to when the decryptor will be released, but if you are a victim of this ransomware, a solution will be available soon.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us