CryptoDefense rakes in $34K in bitcoin ransom

Share this article:

Cyber criminals have raked in more than $34,000 in the month since CryptoDefense Trojan, a variant of CryptoLocker, first appeared in February 2014 even though a poor implementation of cryptography has left “hostages” with an escape route, according to Symantec.

Symantec has blocked more than 11,000 unique CryptoDefense infections, which are spammed out via email to Windows computers. The ransomware holds victim files hostage by employing public-key cryptography using strong RSA encryption and prevents restoration until a $500 ransom payment is made in bitcoins through a unique Tor payment web page address. If the payment is not made within four days, the ransom doubles.

However, victims need not cough up a penny. They can circumvent the attack and restore files because poor cryptographic implementation by the malware authors leaves the decryption key they're holding for ransom on the infected computers.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.