Cryptolocker (was RE: Is tape dead?)

Fred Cisin cisin at xenosoft.com
Wed Sep 16 12:40:25 CDT 2015


On Wed, 16 Sep 2015, jwsmobile wrote:
> One system, or did it propagate thru the organization?
> Did you eradicate it, then get a tool for the decrypt?

Not very hard to stop it, but the damage that it does to the files (RSA 
encryption) is irreparable, unless you pay the ransom.  A significant 
percentage of the victims pay up!  A few people have reported that the 
malevolent assholes are honorable, and do provide a working key.  A small 
few report NOT getting the decryption key.

Without major distributed work on it, decryption through brute force key 
trials would take millennia.
The purveyors of one variant were stopped, and their key database 
revealed.  I don't know if or why they are still alive.

> Curious as to details here to think about measures to stop it, or mitigate 
> it.
> I'd apologize for the off topic direction, but this is a pretty serious 
> threat that is hard to find info on that isn't bullshit or glossed over.
> Reply offline if you would rather, but I suspect anyone with classic 
> Windows XP systems and the like should pay attention.

It relies on social engineering (suckers).
Sometimes PDF files, but, I now think that I got it by falling for a fake 
Adobe upgrade popup.

