Ransomware encryption techniques

Only symmetric encryption ransomware

Client asymmetric encryption

Server asymmetric encryption

Server and Client asymmetric encryption + symmetric encryption

Encryption routine
Decryption routine

Security flaws encountered in ransomware

  • Encrypt all user files with AES-256-CBC.
  • Random AES key and IV for each file.
  • Encrypt AES keys with Cpub.key (RSA-2048).
  • Encrypt Cpriv.key with Spub.key (RSA-2048).
  • Works without internet.
  • Communicate with the server to get Spriv.key.
  • Change computer wallpaper.
  • A Python webserver

Malware, cryptography, security, cryptocurrency, philosophy, epistemology and ethics.

Tarcísio Marinho