Ransomware LeChiffre Cracked by Emsisoft
Posted by: Timothy Weaver on 01/26/2016 09:48 AM [ Comments ]
Emsisoft has created a decryptor for the ransomware LeChiffre. Users can now decrypt their locked files for free.
Earlier this month the ransomware infected three Indian banks and a pharmaceutical company, demanding one bitcoin per compromised computer and reportedly causing millions of dollars in damages.
Malwarebytes investigated the malware and found three unusual properties which allowed Emsisoft to crack the encryption. Most ransomware programs run automatically when downloaded, but LeChiffre has to be manually executed. The cyber criminals would have to manually launch the program after breaking into poorly protected systems and running the program.
LeChiffre is French for number, but can also be defined as a verb encrypt. As noted by Malwarebytes, the program is very unprofessional looking with hardly any countermeasures against analysis, but none the less succeeded in causing major damage.
Source: SCMagazine
Malwarebytes investigated the malware and found three unusual properties which allowed Emsisoft to crack the encryption. Most ransomware programs run automatically when downloaded, but LeChiffre has to be manually executed. The cyber criminals would have to manually launch the program after breaking into poorly protected systems and running the program.
LeChiffre is French for number, but can also be defined as a verb encrypt. As noted by Malwarebytes, the program is very unprofessional looking with hardly any countermeasures against analysis, but none the less succeeded in causing major damage.
Source: SCMagazine
Comments