MarsJoke Ransomware Cracked
Posted by: Timothy Weaver on 10/03/2016 03:11 PM
There is good news on the ransomware front. Researchers have decrypted the MarsJoke ransomware and can provide decryption keys for victims.
Anton Ivanov, Orkhan Mamedov, and Fedor Sinitsyn of Kaspersky Lab’s Anti-Ransom Team explained that the Trojan looks like a knockoff of the classic CTB-Locker ransomware. It even offers to decrypt five files for the victim.
“Perhaps the creators of Polyglot wanted to disorient the victims and researchers, and created a near carbon copy of CTB-Locker from scratch to make it look like a CTB-Locker attack and that there was no hope of getting files decrypted for free,” the researchers said in a blog.
The researchers found a serious flaw in the cryptor: the creators of the ransomware made a big mistake with the key generator.
“Taking advantage of this mistake, we were able to calculate the AES key for an encrypted file,” the researchers explained.
Kaspersky has made a free decryptor available.
Kaspersky warns that the creators could well tweak the malware in the near future.
Source: InfoSecurity