Questions tagged [ransomware]
Ransomware is a lethal kind of Malware that Encrypts your harddrive(s) and holds them hostage, providing the decryption key if you pay the hostage-taker(s) money (well-known variants are the FBI Virus and the Police Virus).
16 questions
1 vote
0 answers
126 views
Encryption scheme with variable and provable key-length
I'm currently studying the possibility of a novel ransomware technique, where an adversary instead of forcing the victim to pay a ransom, forces them to brute force a key of given length and thus ...
- 253
0 votes
2 answers
1k views
Hash Comparison to Detect Ransomware File Encryption
As detailed in a separate question, I thought I had a way to detect the type of ransomware that encrypts files silently, and then decrypts them on the fly, so as to prevent the user from realizing ...
- 193
0 votes
1 answer
147 views
Suitable hybrid encryption approach?
I need help for my bachelor thesis. I have a general question regarding hybrid encryption in different ransomware. The hybrid encryption often uses symmetric and asymmetric encryption techniques. ...
- 1
1 vote
2 answers
599 views
Why can't ransomware practically use RSA to encrypt all files?
I understand that a few ransomware have used an RSA public key to encrypt all files belonging to the victim. This is a bullet-proof system in terms of its security because the private key is always ...
- 687
0 votes
1 answer
633 views
Could a quantum computer recover files from ransomware if the attacker doubly encrypted them with RSA-4096?
How would a quantum computer decrypt a file (or find the keys to such a file) if it were encrypted with standard RSA 4096 encryption, but encrypted two times with different keys? The keys are known by ...
- 1
2 votes
1 answer
242 views
why ransomwares are still problematic?
There is some points that I don't understand yet about ransomwares : the attacker generally put his bitcoin address in the malware, can this address be used to identify and reach him ? on the ...
- 133
-2 votes
2 answers
1k views
Breaking Ransomware encryption
Recent news reports show that the UK's NHS (Nation Health Service) has suffered a major ransomware attack which is also affecting other parts of the world especially Spain and Russia, the effect is to ...
- 125
1 vote
1 answer
74 views
Paid decryption scheme and possible attack surface
This is how ransomware can work as far as I understand: Most ransomware works with symmetric encryption on individual files. For each file the script generates a new key. A list is then generated ...
- 93
2 votes
2 answers
142 views
Could a collection of data be engineered to encrypt predictably using standard encryption algorithms?
Thinking about the rather new problem of Cryptolocker and other crypto-randomware, huge amounts of damage are being caused by malicious actors simply using modern encryption algorithms to encrypt a ...
0 votes
1 answer
654 views
How to detect what crypto-method is used by Filecoder.Q?
I have 2 different images, one original, and one locked by a malware detected by eset as "Win32/Filecoder.Q". How to detect the encryption method that is used and the key, that is not using any ...
3 votes
2 answers
563 views
Is it possible to decrypt cryptowall-encrypted files? [duplicate]
I am writing regarding a certain ransomware program called cryptowall (prop 4.0). I have lost many documents to this, and as it so happens, I have a few file duplicates before and after they were ...
- 31
2 votes
1 answer
877 views
Understanding ransomware – What makes plain-text-attacks or brute-forcing so hard?
Say I have four files. Two are completely unencrypted, while the other two are the exact same files other than that they have been encrypted with (apparently) the same public key (via a ransomware ...
- 29
0 votes
1 answer
528 views
Help with RSA-2048 crypto ransom virus [closed]
The RSA-2048 Crypto Ransom Virus has devastated me, I tried the backup method, the previous version, the Shadow Explorer, it deleted all my restore points, Its took out 5 HDs and my USB pen that ...
- 17
1 vote
1 answer
750 views
Knowing pre-encryption data, can we find the private key CryptoWall used?
I'm just repurposing a question already asked about Cryptolocker for CryptoWall: "If we know exact contents of some of the files prior to them being encrypted, would it be feasible to use those ...
- 19
8 votes
1 answer
797 views
Timing attack on RSA as used by CryptoLocker?
So far I have researched timing attacks on RSA, We all know the ransomware named CryptoLocker uses RSA 2048 bit encryption. Now, is it possible to break the encryption using a timing attack. I have ...
- 81