January 22, 2017 at 01:44 #5264
I visited the old website and it looked exactly the same as the one posted by Alejjanndro. It was very basic HTML and had references to Windows 9x on it. I thought it odd.
The website – axantum.com – was delivered over HTTPS and I checked the certificate. It was issued by Symantec.
I did a bit of research online and found this story about how Symantec are issuing real certificates to bogus people.
It occurs to me that there may be some form of cache poisoning going on. User A visits axantum.com and gets redirected. The fake website then appears and delivers up malware infected files (a guess) but because it has a SSL certificate it appears genuine.January 22, 2017 at 01:47 #5265
I really hope a fake SSL certificate hasn’t been issued for axcrypt.net because I gather that AxCrypt 2 sends your encryption password to the server. If a malicious person had access to this then they could compromise my files; assuming they also had access to my files.January 22, 2017 at 11:08 #5268
It sounds like a local system DNS attack. The easiest way to do such a thing is via the hosts file. In any case, in addition to getting a sample file (which I still have not received from anyone posting here), if I could get an IP-address for what ‘axantum.com’ seems to point to for one of you who see the strange ‘axantum.com’ site it would be appreciated.
A simple ‘ping’ in a command window usually suffices to find out the IP.
Since it’s really important to find out what, if anything, is going on – I urge anyone who posts here about this issue to please try to provide enough information so we can see what you’re seeing. This includes:
– URL’s you’re visiting.
– IP addresses to http://www.axcrypt.net, account.axcrypt.net, axantum.com and http://www.axantum.com .
– Actual downloaded files that do not match the information provided earlier in this thread for the genuine thing.
– Any SSL certificates that are presented by sites that do not match the genuine sites. They can be inspected, and downloaded via most if not all browsers.
Send files and such to firstname.lastname@example.org please.January 27, 2017 at 22:10 #5320
I prefer the older version of Axcrypt but when I install on my new version of Windows 10 the context menu doesn’t add axcrypt . How do I fix this?
RobertJanuary 27, 2017 at 23:20 #5321
Have you rebooted? Have you downloaded the installer version, and not just the portable standalone version?
The AxCrypt menu should be there, just like before.February 21, 2017 at 15:50 #5608
I downloaded AxCrypt2 from Softpedia as some people in my organisation use the software. Everybody uses a VPN so I’m confident our connection wasn’t being tampered with.
When I downloaded AxCrypt I got a Windows Smartscreen warning so I stopped and searched on Google and found this forum. I followed the instructions on here to find the signing date and it was the Jan 5, 2017.
I checked this website and the file hash was different.
I therefore downloaded it from here instead.
I emailed Softpedia but didn’t get a reply although the version on there now has the correct hash (I downloaded it again today to see if the problem was there.)February 22, 2017 at 23:00 #5616
thank you for the information. If you’ve read this thread, you’ll also see my repeated pleas:
– Send me a copy of a file that seems to be signed at the wrong date, and/or with the wrong hash. Please!
We *really* need to get hold of such a file to inspect it, if it’s really out there.