Stung By File-Encrypting Malware, Researchers Fight Back

Stung By File-Encrypting Malware, Researchers Fight Back 85

Posted by timothy on Thursday April 10, 2014 @11:26AM from the picked-the-wrong-guys dept.

itwbennett (1594911) writes "When Jose Vildoza's father became the victim of ransomware, he launched his own investigation. Diving into CryptoDefense's code, he found its developers had made a crucial mistake: CryptoDefense used Microsoft's Data Protection API (application programming interface), a tool in the Windows operating system to encrypt a user's data, which stored a copy of the encryption keys on the affected computer. Vildoza and researcher Fabian Wosar of the Austrian security company Emsisoft collaborated on a utility called the Emsisoft Decrypter that could recover the encrypted keys. In mid-March Vildoza had launched a blog chronicling his investigation, purposely not revealing the mistake CryptoDefense's authors had made. But Symantec then published a blog post on March 31 detailing the error."

Stung By File-Encrypting Malware, Researchers Fight Back

Search 85 Comments Log In/Create an Account

Comments Filter:

Re:fake website (Score:5, Funny)

by Richy_T ( 111409 ) writes: on Thursday April 10, 2014 @02:33PM (#46716691) Homepage

I take special delight in stealing the images of sites like that.

Great summary (Score:4, Funny)

by uvajed_ekil ( 914487 ) writes: on Thursday April 10, 2014 @10:06PM (#46721449)

Now I finally know what API means.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Stung By File-Encrypting Malware, Researchers Fight Back 85

Stung By File-Encrypting Malware, Researchers Fight Back More Login

Stung By File-Encrypting Malware, Researchers Fight Back

Re:fake website (Score:5, Funny)

Great summary (Score:4, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot