[125827] in cryptography@c2.net mail archive


Re: Ransomware

daemon@ATHENA.MIT.EDU (Marcos el Ruptor)
Wed Jun 11 20:32:46 2008

In-Reply-To: <485015C5.6070105@gmx.co.uk>
From: Marcos el Ruptor <ruptor@cryptolib.com>
Date: Wed, 11 Jun 2008 22:28:41 +0200
To: Email List - Cryptography <cryptography@metzdowd.com>

On 11 Jun 2008, at 20:13, Dave Howe wrote:

>> This would seem to imply they already verified the public key was
>> constant in the trojan and didn't differ between machines (or that
>> I'm giving Kaspersky's team too much credit with my assumptions).

I've just looked at the virus. Upon invocation, it generates a random
128-bit RC4 key with CryptGenKey, then for each file it generates a
random IV with a very weak generator only capable of producing 256
different 128-bit values for 99.9% of the files, prepends each file
with its IV, then it encrypts that IV with the main RC4 key, hashes
that with MD5 and that hash becomes the 128-bit RC4 encryption key
for each file. It encrypts all the potentially valuable files like
that while deleting the originals, then it encrypts the main RC4 key
with one of its two hard-coded 1024-bit RSA public keys and saves it
with one of the 4 e-mail addresses it comes with to contact the
asshole who did this to you:

cipher4000@yahoo.com
content715@yahoo.com
saveinfo89@yahoo.com
decrypt482@yahoo.com

Not much can be done at this point as the executable terminates
itself creating a script that deletes it and congratulates the user.
It's not very different from the 90's hard drive formatting viruses
except for the bold extortion that comes with it. A regular backup is
your best friend.

The only thing that could probably be done by the most desperate
would be to find the largest files with known plaintext and for all
the encrypted files with the same first 16 bytes (roughly 1/256 of
them), the keystream will match. No cryptography to implement, only
XOR. Good luck!

Best regards,
Marcos el Ruptor
http://www.enrupt.com/ - Raising the bar.
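To make the keystream-reuse point in the post concrete, here is an added Python model of the scheme as described above (example code written for this archive page, not the trojan's code or the poster's). The main key, the IV generator and the file contents are constructed stand-ins; the IV-then-body file layout and the 256-value IV space are taken from the description, everything else is an assumption.

```python
import hashlib
from typing import Optional


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA); included only so the example runs offline."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def weak_iv(seed: int) -> bytes:
    """Constructed stand-in for the flawed generator: only 256 distinct 128-bit IVs."""
    return bytes([seed & 0xFF]) * 16   # the real IV bytes are not known; this is a model


def file_key(main_key: bytes, iv: bytes) -> bytes:
    """Per-file key as described: MD5 of the IV encrypted under the main RC4 key."""
    return hashlib.md5(rc4(main_key, iv)).digest()


def encrypt_file(main_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """File layout as described: the IV is prepended, the body uses the per-file key."""
    return iv + rc4(file_key(main_key, iv), plaintext)


def recover_with_known_plaintext(known_ct: bytes, known_pt: bytes,
                                 target_ct: bytes) -> Optional[bytes]:
    """Two files with the same IV get the same per-file key, hence the same RC4
    keystream. keystream = known_ct XOR known_pt then strips the target's prefix
    without ever knowing the main key. Returns None when the IVs differ."""
    if known_ct[:16] != target_ct[:16]:
        return None
    keystream = bytes(c ^ p for c, p in zip(known_ct[16:], known_pt))
    body = target_ct[16:]
    n = min(len(keystream), len(body))   # only as far as the known plaintext reaches
    return bytes(body[i] ^ keystream[i] for i in range(n))
```

The recovery works only for the roughly 1/256 of files sharing the known file's IV, and only up to the length of the known plaintext, which is why the post suggests starting from the largest known files.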

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
