Extreme Coders Posted April 22, 2016 Share Posted April 22, 2016 Ransomware is very common these days. Once it installs on a user machine it begins encrypting files. When the user comes to know about the ransomware attack it is already too late. Unless the user has a backup, he/she must must pay the ransom to recover the files. Luckily there has been cases where due to a faulty implementation of cryptography breaking such malware becomes feasible. The recently discovered petya ransomware is an example. This blog post is a short walk through on breaking the petya ransomware with a constraint solvers. Hope you like it & find useful. http://0xec.blogspot.com/2016/04/reversing-petya-ransomware-with.html 11 Link to comment Share on other sites More sharing options...
kao Posted April 25, 2016 Share Posted April 25, 2016 Hehe, just last week I said to myself - "how is it possible that Extreme Coders doesn't have a blog? He surely has lots of interesting things to write about!" Keep on writing, I'll keep on reading! 3 Link to comment Share on other sites More sharing options...
Extreme Coders Posted April 25, 2016 Author Share Posted April 25, 2016 Thanks man. Your works are a source of inspiration for many. 5 hours ago, kao said: Hehe, just last week I said to myself - "how is it possible that Extreme Coders doesn't have a blog? Hmm, that looks like telepathy. Blogging was not a priority for me, but decided to give it a go & it's not bad either. Link to comment Share on other sites More sharing options...
whoknows Posted June 8, 2016 Share Posted June 8, 2016 (edited) These are some links stored @ 13 April 2016 Get your petya encrypted disk back, WITHOUT paying ransom!!! - generator @: https://petya-pay-no-ransom.herokuapp.com/ howto use generator - http://www.bleepingcomputer.com/news/security/petya-ransomwares-encryption-defeated-and-password-generator-released/ generator author - visit his dad - https://github.com/leo-stone/hack-petya/tree/master/vendor/github.com/handcraftsman/GeneticGo -- Debugging Petya bootloader with IDA https://www.youtube.com/watch?v=7rtMX9zS55I ----------------- 0day - Ransomware CryptXXX Ransomware Will Now Steal Your Passwords as Well http://news.softpedia.com/news/cryptxxx-ransomware-will-now-steal-your-passwords-as-well-504898.shtml New Cerber Ransomware Variants Morph Every 15 Seconds http://news.softpedia.com/news/new-cerber-ransomware-variants-morph-every-15-seconds-504896.shtml http://i1-news.softpedia-static.com/images/news2/new-cerber-ransomware-variants-morph-every-15-seconds-504896-2.png Edited June 8, 2016 by whoknows Link to comment Share on other sites More sharing options...
ormik Posted June 28, 2017 Share Posted June 28, 2017 New version of "Petya.C" https://qz.com/1015755/ukraine-cyber-attack-the-petyapetrwrap-ransomware-with-similarities-to-wannacry-is-now-going-global/ http://www.telegraph.co.uk/news/2017/06/27/ukraine-hit-massive-cyber-attack1/ "Major firms, airports and government departments in Ukraine have been struck by a massive cyber attack which began to spread across Europe on Tuesday afternoon. In Ukraine, government departments, the central bank, a state-run aircraft manufacturer, the airport in Kiev and the metro network have all been paralysed by the hack." New version is use vulnerability: MS17-010 (used Wanna Cry); CVE-2017-0199 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199) CVE-2017-0144, EternalBlue (https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0144) More peoples already paid for a purse (Bitcoin): https://blockchain.info/address/1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX Link to comment Share on other sites More sharing options...
ormik Posted June 28, 2017 Share Posted June 28, 2017 (edited) Technical details: https://blogs.technet.microsoft.com/mmpc/2017/06/27/new-ransomware-old-techniques-petya-adds-worm-capabilities/ Edited June 28, 2017 by ormik Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now