TeslaCrypt Isn't All That Cryptic

citpyrc writes: TeslaCrypt, the latest-and-greatest ransomware branch off of the CryptoWall family, claims to the unwitting user that his/her documents are encrypted with "a unique public key generated for this computer". This coudn't be farther from truth. In actuality, the developers of this malware appear to have been lazy and implemented encryption using symmetric AES256 with a decryption key generated on the user's machine. If any of your machines are afflicted, Talos has developed a tool that can be used to generate the user's machine's symmetric key and decrypt all of the ransomed files.

Does it matter?

[gstoddart]

Since most people who will be subject to ransomware have no way of knowing the mechanics of the encryption (or wouldn't be able to access it anyway) ... does that they lied about their super secret crypto make a damned bit of difference?

Most people would care more about blocking whatever vector for this crap is causing it instead of the technical details of the crypto.

Re:Does it matter?

[ledow]

Anyone with a brain:

Would you trust the guys that infected your system, removed your access to files, ransomed the decryption key from you etc. to correctly - and perfectly - restore your untouched data?

Because, I know I wouldn't. Not without hashes of pre-infected data that I could trust, on some untouched backup device, to compare against. And then the restoration, comparison and cleanup operation is actually worse than just restoring to pre-infection backups.

You have to think of this. These people put a virus on your system that locked your files away. And you're "trusting" them to not only restore those files but to do so without introducing further infection vectors in the process. What's to say that their decrypt / encrypt routine isn't just a smokescreen to infect all your files with something else en-route? Or that they've not just done it to delay you realising that they now have that document you had with all your passwords in it...

If you're victim to ransomware, there are two options:

- You have no backups, the data wasn't important enough for a GBP50 device and you pressing the button once a month, so you've not lost anything of major value by not paying the ransom.
- You have virtually-full, verified backups just over there anyway and would have to perform all kinds of integrity checks to ensure the ransomed data is clean.

The option of "pay ransom" is really a sign that you've failed yourself (and your customers, if you're a business). You can't stop data exposure, but to have to pay to get your data back, that's just stupidity on your part.

As such, blocking the infection vector is infinitely more important than anything else, and then taking a good backup on a regular basis is second on the list. Anything else is very much bottom of the list.

What scares me most about ransomware is not the encryption, or the ransom, or the difficulty of decryption (once that data is compromised, it's gone, it's as simple as that). It's purely that it means a system-level restore of your PC / network, and that you had a hole somewhere whereby it could wreak that kind of havoc.

Re:Does it matter?

[Penguinisto]

Correction - *some* malware authors will update their kit.

The script kiddies will continue using whatever they can find, and most malware authors will happily (and TBH, justifiably) rely on general user ignorance to get what they want.

Consider it a parallel to those gawdawful stupid "You're about to get sued" phone scams. Everybody knows they're scams, yet enough ignorant/scared people take the bait to still make it worthwhile.

Re:Does it matter?

[j2.718ff]

If there was any chance that the victim didn't believe that you would return all the data, then they would not pay.

I'm not so sure of that. As a victim, you are aware that you have about 0% chance of getting your data back if you don't pay the ransom (unless you had a good backup setup somewhere). So you pay because you believe your data is important enough to justify the risk. This is similar (though nowhere near the same level) as someone demanding a random because they kidnapped your child. You already are well-aware that they are not trustworthy, but you really don't see an alternative.

Now, I do agree with your other point. If news was out that people paying the random did not get their data back, then I'm sure a smaller percentage of victims would be paying. But some would still pay, because their data is important enough to them that they hold on to that small hope that they might get it back.

Re:Further from the truth

[jratcliffe]

The problem with hamster-based encryption is the animal rarely survives the XOR process.

[Nice username.] =)

Actually, that's not that hard. Getting a slice of hamster is pretty straightforward. It's unslicing the lemon that's challenging.

Good job, Talos!

[Mirar]

Great that someone is providing tools to counter this plague...

Re:Further from the truth

[Dr_Barnowl]

It doesn't make the right emphasis

Should be "a symmetric key generated from details of the user's machine".

It's a design trade-off.

Their method means they don't have to maintain a repository of the keys that their infected machines have generated. They don't need a server receiving key transmissions, which means no server to attack, and also means their software is simpler, fewer moving parts, less to go wrong.

Unfortunately it suffers from the same problems as consumer media DRM - the user has both the encrypted data, and everything they need to generate the decryption key, it's just the algorithm that's "private". Security though obscurity.