Tag: ransomware
-
Researchers seek ransomware samples for their generic solution
VB2015 presentation to include demonstration of technique against recent samples. ‘The scary hack that’s on the rise’ is how Wired ‘s Kim Zetter described ransomware in an overview article posted yesterday. Indeed, encrypting your files and demanding a ransom to decrypt them has become a very lucrative cybercriminal enterprise. Of course, the best defence against…
-
TorrentLocker spam has DMARC enabled
Use of email authentication technique unlikely to bring any advantage. Last week, Trend Micro researcher Jon Oliver (who presented a paper on Twitter abuse at VB2014) wrote an interesting blog post about a spam campaign that was spreading the ‘TorrentLocker’ ransomware and which, unusually, was using DMARC. TorrentLocker is one of the most prominent families…
-
‘RansomWeb’ ransomware targets companies’ databases
Encryption first added as a patch, key only removed when all backups are encrypted. Make backups, they said. Then you won’t have to worry about ransomware, they said. Ransomware has quickly become one of the most frustrating kinds of cyber attack. We all know that our devices could suddenly die, and if this leads to…
-
The VB2014 presentation you never saw. Early launch Android malware: your phone is 0wned
Malicious apps may have more privileges than security software. There are many people without whom a Virus Bulletin conference wouldn’t be possible: the VB team, the crew from Cue Media , the hotel staff, the speakers, the sponsors , the delegates. But the unsung heroes of a conference are the reserve speakers. They prepare a…
-
Crypto blunder makes TorrentLocker easy to crack
Use of single XOR key leaves ransomware open to known-plaintext attack. It has been said many times before: cryptography is hard. Earlier this year, the authors of the ‘Bitcrypt’ ransomware discovered this too, when they confused bytes and digits and made their encryption keys easy to crack. ‘TorrentLocker’ is a new kind of encryption ransomware…
-
Researchers release CryptoLocker decryption tool
Tool uses private keys found in database of victims. Please note : this blog post was written in August 2014 and refers to a particular kind of encryption-ransomware that was active until June 2014. The tools mentioned are unlikely to work to decrypt newer versions of ransomware, including those branded as ‘CrytpoLocker’. The CryptoLocker ransomware…
-
Researchers crack ransomware encryption
‘Bitcrypt’ authors confused their bytes and digits. Two French researchers have found a serious vulnerability in a new piece of ransomware that has allowed them to crack the keys used by the malware to encrypt the victim’s files. CryptoLocker has become known as the unfortunate crypto success story of 2013. While stories about broken cryptography…
-
NCA issues alert on CryptoLocker ransomware
Malware demands $1,000 ransom to decrypt files. This weekend, the UK’s National Crime Agency (NCA) issued an alert about the ‘CryptoLocker’ ransomware – following a similar alert from US-CERT 10 days earlier. CryptoLocker is a particularly nasty piece of malware. Once it has infected a machine, it searches for files of any of 70-odd formats,…
-
VB2012 last-minute papers announced
Hot topics to be covered at VB conference in Dallas. For the last six years, VB has set aside a section of the VB conference for ‘last-minute’ papers, the idea being that researchers submit proposals for these presentations very close to the conference itself, thus enabling them to cover topics that are as up-to-the-minute as…