Cryptocurrency is conquering the world rapidly. It is considered that the main distinctive features of cryptocurrency are decentralization, anonymity and security. However, deception, fraud, extortion and hacking are only some of the methods that can be used to steal your cryptocurrency.
Computer attacks constantly worry administrators and computer users. Earlier we already talked about volatility.
Plugin for the platform Volatility Framework, whose goal is to extract the encryption keys Full Volume Encryption Keys (FVEK) from memory. It works from Windows 7 to Windows 10. Unfortunately, the support for Windows 8 – 10 is very experimental, but it works in most cases with a few quirks.
Thomas White conducts independent research on DFIR / Infosec / Malvare outside the main work. He writes how the changes in BitLocker after Windows 7 affect the master recovery keys and where to look for when recovering the keys in his last post.