New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
People try to make good encryption, and other do all to break it.
If everyone thought the way you did, we'd all be using ROT16 and thinking it was the top shit of encryption.
Meanwhile..
People try to make good software, but all you do is break it. #truestatement
And then the next version of this ransomware will fix the mistakes they made and it will be even harder to crack.
Then someone will crack them again
Or they accidentally make another flaws.
don't break something that works
Next version will simply use RSA 12288 Bit and problem solved.
They have reverse engineered the software, so they were able to read the encryption key (the key must be in the software itself, otherwise it can't encrypt). From there is possible. The attack is not against the AES system, but the secret code stored inside the malware.
Even if they improve the software, they need to store the key inside the malware, and it can be decrypted again.
Now, if they start pinging an online server for the key, then remove it later, that's heck.
Or they could have used asymmetric encryption - one key for encryption, another one for decryption. But it's much slower than AES.