From: Arshad Noor (arshad.noorstrongauth.com)
Date: Mon Jun 09 2008 - 14:18:55 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Fascinating! Attackers are using encryption to make money (I'm not
sure how they expect not to get traced to the EFTs - but that's a
different subject), while most companies are still sitting on the
fence about data-encryption of customer data.

Arshad Noor
StrongAuth, Inc.

-------- Original Message --------
Subject: Ransomware
Date: Mon, 9 Jun 2008 11:54:20 -0400 (EDT)
From: Leichter, Jerry <leichter_jerroldemc.com>
To: cryptographymetzdowd.com

Computerworld reports:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9094818

on a call from Kaspersky Labs for help breaking encryption used by some
ransomeware: Code that infects a system, uses a public key embedded in
the code to encrypt your files, then tells you you have to go to some
web site and pay for the decryption key.

Apparently earlier versions of this ransomware were broken because of a
faulty implementation of the encryption. This one seems to get it
right. It uses a 1024-bit RSA key. Vesselin Bontchev, a long-time
antivirus developer at another company, claims that Kaspersky is just
looking for publicity: The encryption in this case is done right and
there's no real hope of breaking it.

Speculation about this kind of attack has made the rounds for years.
It appears the speculations have now become reality.

                                                        -- Jerry
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]