Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Unencrypting Extortion Malware - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Unencrypting Extortion Malware
The good people at Kaspersky have once again provided a free utility to "unencrypt" extortion malware.  Trojan.Win32.Krotten  is used to extort cash from infected users. "Krotten differs from GPCode in that GPCode encrypted data saved to disk. Krotten corrupts the system registry." Details and a link to the utility are in their blog today.

Thanks Kaspersky!
Patrick

193 Posts

Sign Up for Free or Log In to start participating in the conversation!