Usr6 Posted January 7, 2014 (edited)

Security researchers have uncovered evidence of a new piece of malware that may be able to take gigabytes' worth of data hostage unless end users pay a ransom.

Discussions of the new malware, alternately dubbed PrisonLocker and PowerLocker, have been occurring on underground crime forums since November, according to a blog post published Friday by Malware Must Die, a group of researchers dedicated to fighting online crime. The malware appears to be inspired by CryptoLocker, the malicious software that wreaked havoc in October when it used uncrackable encryption to lock up victims' computer files until they paid hundreds of dollars for the decryption key.

PowerLocker could prove an even more potent threat because it would be sold in underground forums as a DIY malware kit to anyone who can afford the $100 for a license, Friday's post warned. CryptoLocker, by contrast, was custom built for use by a single crime gang. What's more, PowerLocker might also offer several advanced features, including the ability to disable the task manager, registry editor, and other administration functions built into the Windows operating system. Screen shots and online discussions also indicate the newer malware may contain protections that prevent it from being reverse engineered when run on virtual machines.

PowerLocker encrypts files using keys based on the Blowfish algorithm. Each key is then encrypted to a file that can only be unlocked by a 2048-bit private RSA key. The Malware Must Die researchers said they had been monitoring the discussions for the past few months. The possibility of a new crypto-based ransomware threat comes as developers continue to make improvements to the older CryptoLocker title. Late last month, for instance, researchers at antivirus provider Trend Micro said newer versions gave the CryptoLocker self-replicating abilities that allowed it to spread through USB thumb drives.

Source: Researchers warn of new, meaner ransomware with unbreakable crypto | Ars Technica

A questioning question

If it were possible to build a removal tool for these types of malware, but the methods used to build it were illegal, immoral and violated ethical principles, would anyone actually build it?

Edited January 7, 2014 by Usr6

Usr6 (Author) Posted January 9, 2014

Yes, something like "extracting the keys" and then using them to build a removal tool.