Viruses in the wild have used cryptography in the past, but the only purpose of such usage was to avoid detection by antivirus software. For example, the Tremor virus[5] used polymorphism as a defensive technique in an attempt to avoid detection by antivirus software. Though cryptography does assist in such cases to enhance the longevity of a virus, the capabilities of cryptography are not used in the payload. The One-half virus[6] was amongst the first viruses known to have encrypted affected files. However, the One-half virus was not ransomware; that is, it did not demand any ransom for decrypting the files that it had encrypted. It also did not use public key cryptography. An example of a virus that informs the owner of the infected machine to pay a ransom is the virus nicknamed Tro_Ransom.A.[7] This virus asks the owner of the infected machine to send $10.99 to a given account through Western Union.
Virus.Win32.Gpcode.ag is a classic cryptovirus.[8] This virus partially uses a version of 660-bit RSA and encrypts files with many different extensions. It instructs the owner of the machine to email a given mail ID if the owner desires the decryptor. If contacted by email, the user will be asked to pay a certain amount as ransom in return for the decryptor.