
I'm not sure, I spent five minutes thinking about it, and it's pretty easy to come up with a design that relies on no servers, accepts payment through Bitcoin and the decryption keys are only ever stored with the operator and never divulged before payment.

Maybe malware operators aren't that experienced, who knows.



I don't know about Coinvault, but other systems would generate the private key on a server and send the public key to the computer for encryption. I don't see how you could have zero servers and still send the private key upon payment, though.

There was an early version that would generate the private key locally, which was discovered by Symantec (the original blog post isn't loading, but you can see it at https://archive.is/1AGHG). For an analysis of a more recent version that fixed this, see http://www.secureworks.com/cyber-threat-intelligence/threats...

TorLocker had flaws that allowed 70% of infections to be recovered, see https://securelist.com/blog/research/69481/a-flawed-ransomwa..., although they didn't explain what flaws there were.



