Slashdot Mirror

← Back to Stories (view on slashdot.org)

Using Distributed Computing To Thwart Ransomware

Posted by CmdrTaco on from the much-less-satisfying-than-a-shovel-to-the-face dept.

I Don't Believe in Imaginary Property writes "The folks at Kaspersky labs are turning to distributed computing to factor the RSA key used by the GPcode virus to encrypt people's files and hold them for ransom. There are two 1024-bit RSA keys to break, which should require a network of about 15 million modern computers to spend a year per key factoring them. Unfortunately, there appear to be no vulnerabilities in the virus' use of RSA, unlike some previous cases. Perhaps more interestingly, there's some debate over whether people should bother cracking it. After all, what if they were trying to trick us into factoring the key for a root signing authority? Besides, there's a more direct method of breaking the encryption: track down the people who wrote the virus and force them to talk."

13 of 361 comments (clear)

  1. Seems rather futile.. by FluffyWithTeeth · · Score: 5, Insightful

    Surely all the have to do is start using a new key every so often, and the task becomes pointless?

    1. Re:Seems rather futile.. by SQLGuru · · Score: 5, Insightful

      Surely all you have to do is make frequent back-ups of your critical data and the virus becomes pointless.

      Hacker - You must pay me $100 or your files will be forever encrypted by my nigh-unbreakable RSA code.
      User - Meh, I just wiped my system of your virus and restored my important files from back-up. Piss off.

      Layne

    2. Re:Seems rather futile.. by oldspewey · · Score: 5, Informative

      As has been pointed out in the past - the people who are most likely to become infected with a ransomware virus are exactly the same people who are least likely to have backups available.

      --
      If libertarians are so opposed to effective government, why don't they all move to Somalia?
    3. Re:Seems rather futile.. by Anonymous+Conrad · · Score: 5, Informative

      I'll assume someone paid the ransom at least once. So what key did they use to decrypt? Do us a favor and post it.

      As for it being a trick to crack a root signing key, would they not have to have the private key to encrypt with to start? ... huh?

      It works like this:

      1. Virus generates a random encryption key and encrypts your data with it. Let's call this K.
      2. Virus encrypts the random key with a RSA public key and instructs you to email that, R(K), and your money, to the ransomers.
      3. The ransomers use their RSA private key to decrypt the encrypted random encryption key, R(K), into K.
      4. You use the random encryption key they sold back to you, K, to rescue your data.

      Someone else's decryption key, K', is not useful to you because your data was encrypted with a different random key K. You have an RSA-encrypted copy of your own random key, R(K), because that's what the ransomers need you to send them so they can sell you the decryption key K. We're trying to crack the RSA private key so we can generate K from R(K) without having to pay them money, i.e. sidestep step 3.
  2. I've got a better idea by elrous0 · · Score: 5, Insightful

    Encourage people to make backups of their data on disc, tape, or portable harddrives. I know that's a radical idea, but it just might be crazy enough to work.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:I've got a better idea by Opportunist · · Score: 5, Funny

      I think, personally, that human stupidity is a gold mine, and I'm slowly losing any inhibition and cashing in on it.

      Way ahead of you. I went into IT security years ago. It is a gold mine. You can basically sell snakeoil and people will kill each other to buy it from you.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:I've got a better idea by TheRealFixer · · Score: 5, Funny

      Psh... backups? I restore my data from a parallel universe, where I didn't get hit by a virus in the first place.

    3. Re:I've got a better idea by cowscows · · Score: 5, Insightful

      So what you're saying is that anyone who lives in any fashion beyond subsistence farming is stupid?

      Banking, religion, and politics all have their problems, no doubt. But they're all important and persistent factors in the progress that humanity has made. They've all been involved in bad things, but they've all be involved in lots of good things as well.

      A human being is, on their own, capable of many things, both good and bad. Structures, systems, corporations, religions, corporations...they've all allowed us as a civilization to accomplish tasks that no one man could accomplish on his own. Some good and some bad, but all it does is amplify our abilities.

      --

      One time I threw a brick at a duck.

    4. Re:I've got a better idea by roc97007 · · Score: 5, Funny

      > Psh... backups? I restore my data from a parallel universe, where I didn't get hit by a virus in the first place.

      K dkd that, but kt turns out they use a slkghtly dkfferent alphabet kn that unkverse.

      --
      Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
  3. Re:Make them talk? by Opportunist · · Score: 5, Funny

    Simple. Lock them in a cell with a person whose complete pr0n collection is now encrypted. Then go out and come back about an hour later. They talk. They will confess everything, including the assassination of JFK, just as long as they don't have to spend more time with someone whose jackoff material is gone and they're to blame for it.

    Talk about motivation!

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  4. Interbank Data Recovery Services by wagnerrp · · Score: 5, Funny

    Fortunately, we had Interbank Data Recovery Services. And Interbank does more than just acquire the decryption key.

    That's because Interbank vows to find out who sent you the ransom and hunt them down like animals. Like filthy, dirty animals. That's the Interbank difference. See, I don't care how Interbank's secret police get things done. I just care that they get things done. For us.

    Plus, because we'd enrolled in their Premiere Membership program, Interbank also hunted down friends and relatives of the guy who had encrypted our data, dragged them from their beds in the middle of the night, and set fire to their homes.

  5. Don't forget the corollary. by khasim · · Score: 5, Insightful

    Don't forget the corollary.

    Encourage the application writers to make their applications EASY TO BACKUP.

    The problem I keep seeing is that TELLING someone to back up their data is easy to do. FINDING ALL of the data is just about impossible.

    You'll never know if you got it all until AFTER a problem.

    Or even ... how about just including a simple script that will look at how it's installed TODAY and back it up to a location chosen by the user? And then that script will generate a script to install that backup should you need it to. Along with license keys and decoding keys and unlocking keys, etc.

  6. Other way around by DrYak · · Score: 5, Interesting

    Back in my youth, I never made regular backups.
    Then I got a virus.
    Since then, I make regular backups. Back in my childhood I did regular backups of my family's computer.
    Then we got a virus.
    Then we realized that the virus was a time bomb that was already present in dormant form even in the oldest several-months old backups.

    Sometimes you have parents that are both computer geeks, and they teach you the important of offline backups. Never the less, shit happens anyway.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]