BreachExchange mailing list archives
[Fwd: Ransomware]
From: Arshad Noor <arshad.noor () strongauth com>
Date: Mon, 09 Jun 2008 12:18:55 -0700
Fascinating! Attackers are using encryption to make money (I'm not sure how they expect not to get traced to the EFTs - but that's a different subject), while most companies are still sitting on the fence about data-encryption of customer data. Arshad Noor StrongAuth, Inc. -------- Original Message -------- Subject: Ransomware Date: Mon, 9 Jun 2008 11:54:20 -0400 (EDT) From: Leichter, Jerry <leichter_jerrold () emc com> To: cryptography () metzdowd com Computerworld reports: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9094818 on a call from Kaspersky Labs for help breaking encryption used by some ransomeware: Code that infects a system, uses a public key embedded in the code to encrypt your files, then tells you you have to go to some web site and pay for the decryption key. Apparently earlier versions of this ransomware were broken because of a faulty implementation of the encryption. This one seems to get it right. It uses a 1024-bit RSA key. Vesselin Bontchev, a long-time antivirus developer at another company, claims that Kaspersky is just looking for publicity: The encryption in this case is done right and there's no real hope of breaking it. Speculation about this kind of attack has made the rounds for years. It appears the speculations have now become reality. -- Jerry _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- [Fwd: Ransomware] Arshad Noor (Jun 09)