VB Migration

Tag: torrentlocker

  • TorrentLocker spam has DMARC enabled

    Use of email authentication technique unlikely to bring any advantage. Last week, Trend Micro researcher Jon Oliver (who presented a paper on Twitter abuse at VB2014) wrote an interesting blog post about a spam campaign that was spreading the ‘TorrentLocker’ ransomware and which, unusually, was using DMARC. TorrentLocker is one of the most prominent families…

  • Macro malware on the rise again

    Users taught that having to enable enhanced security features is no big deal. When I joined Virus Bulletin almost eight years ago, macro viruses were already a thing of the past, like porn diallers or viruses that did funny things to the characters on your screen: threats that were once a real problem, but that…

  • Crypto blunder makes TorrentLocker easy to crack

    Use of single XOR key leaves ransomware open to known-plaintext attack. It has been said many times before: cryptography is hard. Earlier this year, the authors of the ‘Bitcrypt’ ransomware discovered this too, when they confused bytes and digits and made their encryption keys easy to crack. ‘TorrentLocker’ is a new kind of encryption ransomware…