LockCrypt Ransomware Cracked Due to Bad Crypto

Faybert

Jan 8, 2017
The team at Malwarebytes has identified a weakness in the encryption scheme utilized by the LockCrypt ransomware that they can exploit to recover a victim's data.
The flaw, explained in a Malwarebytes report, resides in the fact that the LockCrypt crew decided to roll out a custom encryption scheme instead of using proven systems.
Researchers' efforts were also aided after discovering a LockCrypt sample that was not obfuscated or crypted, allowing investigators access to the ransomware's internal structure in great detail.
With the new info that researchers gathered, they were now able to provide help to victims who got infected by this threat.
LockCrypt ransomware installed after RDP attacks
The LockCrypt ransomware was first spotted last June. Researchers believe the LockCrypt gang had previously distributed versions of the Satan ransomware. The most high profile case of a LockCrypt infection happened in December last year when crooks managed to infect the network of Mecklenburg County in North Carolina.
There was little activity from this ransomware variant because the LockCrypt group didn't mass-distribute their malware via email spam or exploit kits, but they broke into organizations' networks via RDP and manually installed the ransomware on compromised computers.
.....
.....
 
