Tag: ransomware

  • Researchers seek ransomware samples for their generic solution

    VB2015 presentation to include demonstration of technique against recent samples. ‘The scary hack that’s on the rise’ is how Wired’s Kim Zetter described ransomware in an overview article posted yesterday. Indeed, encrypting your files and demanding a ransom to decrypt them has become a very lucrative cybercriminal enterprise. Of course, the best defence against…

  • TorrentLocker spam has DMARC enabled

    Use of email authentication technique unlikely to bring any advantage. Last week, Trend Micro researcher Jon Oliver (who presented a paper on Twitter abuse at VB2014) wrote an interesting blog post about a spam campaign that was spreading the ‘TorrentLocker’ ransomware and which, unusually, was using DMARC. TorrentLocker is one of the most prominent families…

  • ‘RansomWeb’ ransomware targets companies’ databases

    Encryption first added as a patch, key only removed when all backups are encrypted. Make backups, they said. Then you won’t have to worry about ransomware, they said. Ransomware has quickly become one of the most frustrating kinds of cyber attack. We all know that our devices could suddenly die, and if this leads to…

  • The VB2014 presentation you never saw. Early launch Android malware: your phone is 0wned

    Malicious apps may have more privileges than security software. There are many people without whom a Virus Bulletin conference wouldn’t be possible: the VB team, the crew from Cue Media, the hotel staff, the speakers, the sponsors, the delegates. But the unsung heroes of a conference are the reserve speakers. They prepare a…

  • Crypto blunder makes TorrentLocker easy to crack

    Use of single XOR key leaves ransomware open to known-plaintext attack. It has been said many times before: cryptography is hard. Earlier this year, the authors of the ‘Bitcrypt’ ransomware discovered this too, when they confused bytes and digits and made their encryption keys easy to crack. ‘TorrentLocker’ is a new kind of encryption ransomware…

  • Researchers release CryptoLocker decryption tool

    Tool uses private keys found in database of victims. Please note: this blog post was written in August 2014 and refers to a particular kind of encryption-ransomware that was active until June 2014. The tools mentioned are unlikely to work to decrypt newer versions of ransomware, including those branded as ‘CryptoLocker’. The CryptoLocker ransomware…

  • Researchers crack ransomware encryption

    ‘Bitcrypt’ authors confused their bytes and digits. Two French researchers have found a serious vulnerability in a new piece of ransomware that has allowed them to crack the keys used by the malware to encrypt the victim’s files. CryptoLocker has become known as the unfortunate crypto success story of 2013. While stories about broken cryptography…

  • Browser-based ransomware uses scare tactics to extort money

    Unsophisticated scam shows the high level of commoditization of today’s cybercrime. A case of browser-based ransomware that is currently using social engineering tactics in an attempt to extort money from its victims shows how even the least sophisticated cases of cybercrime make use of services available on the black market. Given all the talk about…

  • NCA issues alert on CryptoLocker ransomware

    Malware demands $1,000 ransom to decrypt files. This weekend, the UK’s National Crime Agency (NCA) issued an alert about the ‘CryptoLocker’ ransomware – following a similar alert from US-CERT 10 days earlier. CryptoLocker is a particularly nasty piece of malware. Once it has infected a machine, it searches for files of any of 70-odd formats,…

  • VB2012 last-minute papers announced

    Hot topics to be covered at VB conference in Dallas. For the last six years, VB has set aside a section of the VB conference for ‘last-minute’ papers, the idea being that researchers submit proposals for these presentations very close to the conference itself, thus enabling them to cover topics that are as up-to-the-minute as…