Threat Level: green Handler on Duty: Rick Wanner

SANS ISC: Ransomware keybreaking - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Ransomware keybreaking

Some interesting bits about some new "ransomware". It's malware that encrypts the victim's data and asks to be sent money for the decrypting software. As such there is nothing spectacularly new were it not that it seems the attacker seems to have properly used cryptography to get it done: RC4 for the bulk of the work and then a 1024 bit RSA key public key to hide the RC4 key.

Well so far it looks like the malware author upped the ante and made it harder for the AV world to beat him. Especially since the largest RSA key ever to be publicly broken only weighs in at 663 bit length, not 1024 (which makes a huge difference!).

Kaspersky launched a project to ask for help in breaking the key. This would take about a year with millions of computers, so it's not something trivial to take on.

But there are a few problems here beyond the cryptographic challenge.

First, how do we know the attacker won't change the key before we're done. After all, it'll take him merely minutes to swap the key in a new strain of his malware and we're set for another year ? This isn't a race we're going to win.

It gets worse when reading Eran Tromer's writing over at MIT:

How do we know this public key (or his next key, or the one after that), is a key the attacker actually has the matching private key for? How do we know for sure this key doesn't belong to somebody else and by giving out the private key to thwart the apparent attacker we're actually helping him in his real attack against somebody else. This could be settled by letting through the right trickery proof the attacker that he actually has the key.

But suppose we don't get the proof, how do we know it's not even far worse and that this public key belong to some infrastructure we rely on to keep things safe ? Imagine the key belonging to a CA used to sign SSL certificates ... we'd be causing a whole lot of damage by making such a secret key known. Imagine the key belonging to a bank's https site, it would become vulnerable to a MitM attack without the customers getting so much as to have to click next on their attempts to connect (yeah, why browsers even allow you to do that, but that's another story).

I'd propose old fashioned police work instead: follow the money, seize the private key (if he has it) and throw the criminal(s) in jail for a very long time.

Some links:

--
Swa Frantzen --- Gorilla Security

Swa

760 Posts
Add to the list of questionable assumptions: How do you know that paying the attacker will stop the attacks? (Harden and restore, it's the only way.)
Anonymous

Sign Up for Free or Log In to start participating in the conversation!