Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stung By File-Encrypting Malware, Researchers Fight Back

Posted by timothy on from the picked-the-wrong-guys dept.

itwbennett (1594911) writes "When Jose Vildoza's father became the victim of ransomware, he launched his own investigation. Diving into CryptoDefense's code, he found its developers had made a crucial mistake: CryptoDefense used Microsoft's Data Protection API (application programming interface), a tool in the Windows operating system to encrypt a user's data, which stored a copy of the encryption keys on the affected computer. Vildoza and researcher Fabian Wosar of the Austrian security company Emsisoft collaborated on a utility called the Emsisoft Decrypter that could recover the encrypted keys. In mid-March Vildoza had launched a blog chronicling his investigation, purposely not revealing the mistake CryptoDefense's authors had made. But Symantec then published a blog post on March 31 detailing the error."

1 of 85 comments (clear)

  1. Why the Antivirus Era Is Over by Martin+S. · · Score: 5, Informative

    They can't keep up with the known threats

    Comparative reviews since February 2009 - February 2014

    Out-maneuvered by new threat vectors

    Outmaneuvered at Their Own Game, Antivirus Makers Struggle to Adapt

    Conventional security software is powerless against sophisticated attacks like Flame, but alternative approaches are only just getting started.

    Some of them even get it, Eugene Kaspersky admits :

    The contemporary antivirus industry and its problems