Slashdot Mirror

← Back to Stories (view on slashdot.org)

Using Distributed Computing To Thwart Ransomware

Posted by CmdrTaco on from the much-less-satisfying-than-a-shovel-to-the-face dept.

I Don't Believe in Imaginary Property writes "The folks at Kaspersky labs are turning to distributed computing to factor the RSA key used by the GPcode virus to encrypt people's files and hold them for ransom. There are two 1024-bit RSA keys to break, which should require a network of about 15 million modern computers to spend a year per key factoring them. Unfortunately, there appear to be no vulnerabilities in the virus' use of RSA, unlike some previous cases. Perhaps more interestingly, there's some debate over whether people should bother cracking it. After all, what if they were trying to trick us into factoring the key for a root signing authority? Besides, there's a more direct method of breaking the encryption: track down the people who wrote the virus and force them to talk."

5 of 361 comments (clear)

  1. Tag: Goodluckwiththat by Opportunist · · Score: 4, Interesting

    The people who did that sit in a country ending in -stan. Countries ending in -stan have real problems and don't care for problems their citizens cause abroad.

    You can trust me on that one, I've tried. I've even had so much as the name of the person to prosecute. Nothing came out of it. Despite including our federal police and interpol.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  2. 15 million CPU years by robo_mojo · · Score: 3, Interesting

    15 million CPU years per key? And the attacker can just make up new keys as often as he likes. He could even make a different key for each target if he wanted.

    15 million CPU years is a lot to spend when you could just restore from backups.

  3. Got to be a link to the extortionist by uab21 · · Score: 3, Interesting

    The screenshot at http://news.cnet.com/8301-10784_3-9965381-7.html?tag=nefd.top says that the victim pays to download a 'decryptor'. Either the decryptor contacts, in real time, the extortionist (at a server location that can be linked to them), or the private key is included in the decryptor program, and should be able to be sussed out...

  4. Other way around by DrYak · · Score: 5, Interesting

    Back in my youth, I never made regular backups.
    Then I got a virus.
    Since then, I make regular backups. Back in my childhood I did regular backups of my family's computer.
    Then we got a virus.
    Then we realized that the virus was a time bomb that was already present in dormant form even in the oldest several-months old backups.

    Sometimes you have parents that are both computer geeks, and they teach you the important of offline backups. Never the less, shit happens anyway.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  5. Re:I've got a better idea by SatanicPuppy · · Score: 3, Interesting

    If we had a backup, wouldn't it be possible to break the encryption using the backed-up data as a crib? Why force the key directly when you know what is in a large chunk of the cyphertext?

    --
    ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.