itsMe Posted September 4, 2020 Share Posted September 4, 2020 This is the hidden content, please Sign In or Sign Up A ransonware tool that uses cryptocurrency to decrypt What's a RansomCryWare? RansomCryWare is a form of malware that prevent legitimate users from accessing their device or data and asks for a payment in exchange for the stolen functionality. They have been used for mass extortion in various forms, but the most successful seem to be encrypting ransomware: most of the user data are encrypted and the key can be retrieved with a payment to the attacker. To be widely successful a ransomware must fulfill three properties: Property 1: The hostile binary code must not contain any secret (e.g. deciphering keys). At least not in an easily retrievable form, indeed white box cryptography can be applied to ransomware. Property 2: Only the author of the attack should be able to decrypt the infected device. Property 3: Decrypting one device can not provide any useful information for other infected devices, in particular the key must not be shared among them. Features: encrypt all user files with AES-256-CBC. Random AES key and IV for each file. Works even without internet connection. Communication with the server to decrypt Client-private-key. encrypt AES key with client-public-key RSA-2048. encrypt client-private-key with RSA-2048 server-public-key. Change computer wallpaper -> Gnome, LXDE, KDE, XFCE. Decryptor that communicate to server to send keys. python webserver Daemon Kill databases This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Cyber_Bot Posted September 22, 2020 Share Posted September 22, 2020 (edited) Wow, Amazing For Sharing Edited September 22, 2020 by Cyber_Bot Link to comment Share on other sites More sharing options...
Recommended Posts