Slashdot Mirror

← Back to Stories (view on slashdot.org)

Extortion Virus Code Cracked

Posted by ryuzaki0 on from the unlock-your-stuff dept.

Billosaur writes "BBC News is reporting that the password to the dreaded Archiveus virus has been discovered and is now available to anyone who needs it. Archiveus is a 'ransomware' virus, which combines files from the My Documents folder on Windows machines and exchanges them for a single, password-protected file, which it will not unlock unless a password is given. The user would normally be required to pay the extortionist money in order to receive the password, but apparently the virus writer made one small, critical error in coding: placing the password in the code. BTW, the 30-digit password locking the files is mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw."

51 of 371 comments (clear)

  1. What relief! by AltGrendel · · Score: 4, Funny
    BTW, the 30-digit password locking the files is mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw."

    I was just looking for that. Thanks!

    --
    The simple truth is that interstellar distances will not fit into the human imagination

    - Douglas Adams

    1. Re:What relief! by Anonymous Coward · · Score: 2, Funny

      Yeah me too. I was just trying aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagh8 and then the story appeared.

    2. Re:What relief! by Tackhead · · Score: 5, Funny
      > > BTW, the 30-digit password locking the files is mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw."
      >
      > I was just looking for that. Thanks!

      What?! That's exactly the kind of combination a Slashdotter would use on his luggage!

    3. Re:What relief! by wasimmer · · Score: 4, Funny

      That's amazing! I've got the same combination on my luggage!

    4. Re:What relief! by Anonymous Coward · · Score: 1, Funny

      1) Write Ransom Virus
      2) Somebody cracks the key
      3) !Profit :(

    5. Re:What relief! by Captain+Splendid · · Score: 4, Funny
      Geez, what a couple of noobs you guys are!

      Note to self: change luggage comnbination.

      --
      Linux, you magnificent bastard, I read the fucking manual!
    6. Re:What relief! by Kortec · · Score: 2, Funny

      Scale of 1-10 . . how incriminating is it if that sequence just happens to actually be my luggage lock combination?

      --
      "My heart is in the work." - Andrew Carnegie
    7. Re:What relief! by Foobar+of+Borg · · Score: 3, Funny
      I was just trying aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagh8

      I take it you were dictating?

      --
      Similar to the upcoming US election results
    8. Re:What relief! by Anonymous Coward · · Score: 1, Funny

      Congratulations, you officially "get the joke"!

    9. Re:What relief! by caseydk · · Score: 4, Funny

      I just trademarked the Web mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw.0 conference.

    10. Re:What relief! by dakara · · Score: 2, Funny

      What!? Who leaked my root password?!

    11. Re:What relief! by IDontAgreeWithYou · · Score: 2, Funny

      You have locks on your luggage?!! TERRORIST!!!!

      --
      Finding other idiots on /. that agree with your opinion doesn't make it any less stupid.
  2. Wait... by ImaLamer · · Score: 5, Funny

    We are all now victims of a DMCA lawsuit!

    --
    Get your Unix fortune now!
  3. My Lord what are we coming to by Anonymous Coward · · Score: 5, Funny

    These days even the virus authors don't know anything about writing secure software :(

  4. Wow! by daivzhavue · · Score: 3, Funny

    That's the combination to my luggage!

    --
    "A REAL computer has ONE speed and the only powersaving it permits is when you pull the power leads out of the back!"
    1. Re:Wow! by monkaduck · · Score: 4, Funny

      Hey, you too?

      --
      Napalm is nature's toothpaste
    2. Re:Wow! by minusthink · · Score: 5, Funny

      You know you really should change the default on those types of things.

      --
      "when life gets complicated, I like to take a nap in a tree and wait for dinner" - Hobbes.
    3. Re:Wow! by nacturation · · Score: 2, Funny

      Luggage? Heck, that's what's flashing on my VCR right now!

      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
  5. Wow... by beheaderaswp · · Score: 5, Funny

    Hmm...

    It also works for new Windows XP Professional installs.

    Strange.

    --
    Another consultant who stuck it out.

    "We are the Priests, of the Temples of Syrinx..."
  6. umm... by Anonymous Coward · · Score: 2, Funny

    seriously my next guess

  7. strings? by blinder · · Score: 3, Funny

    heh, is this strings to the rescue?

    one of the best programs evar :)

    --
    sad robot making broken music
  8. Re:ummm by honestmonkey · · Score: 5, Funny

    Maybe they meant 30 as in "any number that is greater than 29 and less than 40". You know, thirty. Thirty-ish. Mostly thirty. About thirty. Close to forty, but not quite. Good enough for government work. In Soviet Russia, YOU are 30. 30) Profit! 38 is the new 30.

    Actually I didn't see any fingers or toes in the password at all.

    --
    Everything you know is wrong, Just forget the words and sing along.
  9. Profit! by insanechemist · · Score: 3, Funny

    1) Write ransom virus
    2) Release
    3) ....
    4) Profit!

    Wait - that actually works I think

    --
    I thought it was a good idea
    1. Re:Profit! by 50m31sl4sh. · · Score: 2, Funny

      You forgot the third step - mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw.

      --
      Rediculous is ridiculous!
  10. Thank the GPL by mypalmike · · Score: 4, Funny

    The virus writers could have used a GPL-based crypt library, but realized that there would be legal issues involved, requiring them to open-source the whole virus.

    --
    There are 0x40000000 types of people: those who understand 32-bit IEEE 754 floating point, and those who don't.
  11. Due to high oil prices... by avatar4d · · Score: 4, Funny

    today's Sesame Street program has been brought to you by:

    mf2lro8sw03ufvnsq034jfowr18f3cszc20vm and w

    --
    Confucius say: "Man who associates with smarter men than himself is smarter than the men he associates with."
  12. Extortionware ? by ch-chuck · · Score: 2, Funny

    Wow, I can see it now. New user clicks on "check email", sees "I Love You!" and clicks on the attachment. A popup window with a gun pointing out the screen appears and the message: "Alright buddy, this is a stickup - Type your bank account password in the field below and click 'submit' or everything in My Documents gets deleted!! I'm not kidding!!! Do it NOW!!!!"

    --
    try { do() || do_not(); } catch (JediException err) { yoda(err); }
  13. DAMMIT! I'm screwed! by martinultima · · Score: 4, Funny

    How'd that guy find out my root password!?

    --
    Creative misinterpretation is your friend.
  14. Re:ummm by sharkey · · Score: 2, Funny

    Perhaps the period is not part of the password, but rather denotes the end of the sentence.

    --

    --
    "Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
  15. Drats. Time to change passwd on the server farm! by rjamestaylor · · Score: 5, Funny

    Um diddle diddle diddle um diddle ay
    Um diddle diddle diddle um diddle ay
    mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw!
    Even though the sound of it Is something quite atrocious
    If you say it loud enough
    You'll always sound precocious
    mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw !
    Um diddle diddle diddle um diddle ay
    Um diddle diddle diddle um diddle ay
    Because I was afraid to speak
    When I was just a lad My father gave me nose a tweak And told me I was bad
    But then one day I learned a word That saved me aching nose
    The biggest word I ever heard And this is how it goes:
    Oh, mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw!
    Even though the sound of it
    Is something quite atrocious
    If you say it loud enough
    You'll always sound precocious
    mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw !

    --
    -- @rjamestaylor on Ello
  16. Base 13 Jokes by sconeu · · Score: 4, Funny

    Douglas Adams made one....

    "What do you get when you multiply six by nine?" "Forty-two".

    Work it out in base 13.

    --
    General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    1. Re:Base 13 Jokes by 0racle · · Score: 2, Funny

      VMS

      --
      "I use a Mac because I'm just better than you are."
    2. Re:Base 13 Jokes by Anonymous Coward · · Score: 2, Funny

      > It doesn't stop morons from repeating the HAL -> IBM
      > every goddamned time you read anything about the book/movie, though.

      Erm, but you just...oh never mind :)

  17. Re:ummm by darkmeridian · · Score: 5, Funny

    No, no. You have to pay the virus researchers to find out which eight characters to ignore. Thank god for the virus researchers, otherwise the virus ransomers would really have us, huh?

    --
    A NYC lawyer blogs. http://www.chuangblog.com/
  18. Re:Erm call me stupid but . . . by grassy_knoll · · Score: 4, Funny
    How else are you supposed to do it? Or did TFA mean that it was stored in plaintext in the code?


    I was confused by that as well. I presume plaintext, since storing a hash and comparing a hash generated from user input seems standard practice... at least in the non-virus writting community.

    Ya think the writter had a PHB leaning on him to meet deadline?
    --
    A Human Right
  19. Re:ummm by Negadecimal · · Score: 3, Funny

    You mean tredecimal Duodecimal?

    You called?

  20. Re:News That's Old, Stuff that's Stale by ajs · · Score: 4, Funny

    "Results 1 - 10 of about 69 for mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw. (0.17 seconds)"

    Nuff said.

  21. Re:Just wait... by Ken_g6 · · Score: 3, Funny

    Or worse, a virus writer could just use a randomized one-time pad which makes the files unrecoverable, claim he has the password, and just make off with the dough!

    (Mod me down to hide my post if you think I'm giving virus writers too many ideas.)

    --
    (T>t && O(n)--) == sqrt(666)
  22. Big Bird chimes in by Dachannien · · Score: 2, Funny

    mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw
    It's the most remarkable word I've ever seen!
    mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw
    I wish I knew exactly what I mean!
    It starts out like an M word as anyone can see,
    But somewhere in the middle it gets awful 4J to me!
    mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw
    If I ever find out just what this word can mean,
    I'll be the smartest bird the world has ever seen!

  23. Re:From the TFA by Anonymous Coward · · Score: 2, Funny
    to buy Cialis [...] for my girlfriend (because she didn't want to go to the doctor to get an actual prescription... partially, I think, out of fear her parents would find out even though she was in college at the time...)

    Er, you'd really have thought their parents would have found out their gender by the time they reached college age. They seem to have confused you, too, though, unless you mean "girlfriend" in some kind of metaphorical sense.

    (Wikipedia to the rescue: Cialis is a drug used to treat male erectile dysfunction.)
  24. Re:From the TFA by WillyMF1 · · Score: 2, Funny

    I can see the future of TV advertising on its way now. "Watch Survivor:XXI next Monday night and pay attention to the scroll bar during the commercials in order to get your documents back!"

  25. Re:Just wait... by swillden · · Score: 3, Funny

    As a loyal slashdot member, I had not bothered to read the article before posting.

    That goes without saying, good sir.

    I actually did go back and read it

    You what??? As an even more loyal slashdot member, I *still* have not read the article :-)

    you'll never guess how the ransom is paid. The victims are asked to go buy drugs at one of three online "pharmacies". Curious, eh?

    Very. So this virus is... advertising? Wow.

    --
    Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  26. All your documents are belong to us! by blueZ3 · · Score: 2, Funny

    Had to be said, karma be damned

    --
    Interested in a Flash-based MAME front end? Visit mame.danzbb.com
  27. count again; it's 30 by commodoresloat · · Score: 4, Funny

    (for exceptionally high values of 30.)

  28. Re:ummm by nybble_me · · Score: 2, Funny

    I for one welcome our new 30 overlords!
    NetCraft confirms, 30 is dead!
    Imagine a beowolf cluster of 30s!
    Yum, 30 with hot grits
    IANAL 30!

    --

    reenigne
  29. OMG! Is it a violation of DMCA? by 140Mandak262Jamuna · · Score: 2, Funny

    May be I am wrong, but I thought the Digital Millennium Copyright Act prohibited breaking any encryption and made it a crime to "attempt to circumvent protection". The anti-virus people reverse engineered the virus code, decompiled it, probably ran it under SoftICE and published the password for the whole world to see. Can the author of the virus sue these anti-virus people under DMCA for causing "irreparable financial harm"? And hold slashdot as an accomplice for aiding and abetting the dissemination of the cracking key?

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  30. Man, I worked this out months ago... by clickety6 · · Score: 1, Funny

    It's just rot13 of "All your documents are belong to us..."

    --
    ----------------------------------- My Other Sig Is Hilarious -----------------------------------
  31. CIA by Anonymous Coward · · Score: 3, Funny

    The CIA won't have a problem taking down an online pharmacy or two, they really hate it when people interfere with their drug trade anyway.

  32. Re:Erm call me stupid but . . . by suv4x4 · · Score: 2, Funny

    How do you write a jump instruction for my handmade bytecode-interpretted vm? And doesn't the CRC, which I run inlined tests of throughout my code, of the file change when you modify that instruction?

    You have a full-blown hand-made bytecode interpreter now? Let me guess how this is gonna continue:

    ME: I whip out my advanced lexical analyzer and break your bytecode into well laid out PDF specification

    YOU: I point a laser gun at you, and it's loaded.

    ME: Batman comes through the window to help me.

    YOU: Superman comes makes a hole through the ceiling and comes to help me.

    ME: Superman? What, we'll f*cking use Superman to break into encrypted files? At least Batman is ok with technology.

    YOU: Batman is just a geek: strip the technology off and what remains is a middle-aged guy with obsession over flying mice.

    ME: Bats are NOT MICE, DUH!!

  33. Funny base joke by totallygeek · · Score: 4, Funny

    You know why computer programmers get Thanksgiving and Christmas confused? Cuz OCT 31 == DEC 25.

    --
    Click here or here.
    1. Re:Funny base joke by the+real+darkskye · · Score: 2, Funny

      Thanksgiving is on the same day as Halloween?

      Now I understands what all the Americans are _really_ giving thanks for

      --
      Music is everybody's possession.
      It's only publishers who think that people own it.
      Fuck Beta
      ~John Lenno