29 May 2006 | 6,089 views

Malicious Cryptography – Cryptology & Cryptovirology

Don't let your data go over to the Dark Side!

I know this maybe old news for some of you, however, I just got the chance of reading this great article on Security Focus (it’s been 2 weeks since I add it to my Favorites)

This two part article discusses some good points of Cryptology, more precisely in the field of Cryptovirology.

Writing a virus is just like writing any other piece of software, unfortunately. The designer tries to put some cleverness in the application to improve its function (or stealth), its robustness, its replication strategies, or even its payload. However, when an anti-virus analyst gets ahold of such a piece of code, he learns how it works, what it does, and so on. In the end, both the writer and the analyst share the same view of the virus, in what amounts to a Turing machine (we have a state-transition table and a starting state).

You read about the WoW Trojan and the Trojan Writers Coding for Money here at Darknet. This article will give you a clear idea of how things work.

To open your appetite, let me give you a little excerpt from the article:

A basic model seen today

This basic model can be seen according to intended targets:

  • The virus writer creates an RSA key:
    • The public key appears in the body of the virus.
    • The private key is kept by the author.
  • The virus spreads and the payload uses the public key. For example, it ciphers the data (hard drives, files, e-mail, whatever) of the targets with the public key.
  • The virus writer requires a ransom before sending the private key.

Even if you’re not into Cryptology, I strongly recommended this reading.

Part 1 & Part 2

Source: Security Focus


Recent in Cryptography:
- ISIS Running 24-Hour Terrorist Crypto Help-desk
- KeeFarce – Extract KeePass Passwords (2.x) From Database
- ProtonMail DDoS Attack – Sustained & Sophisticated

Related Posts:
- Security By Obscurity Not So Bad After All?
- Car Immobilisers Using Weak Encryption Schemes
- The Logjam Attack – ANOTHER Critical TLS Weakness

Most Read in Cryptography:
- The World’s Fastest MD5 Cracker – BarsWF - 47,471 views
- Hackers Crack London Tube Oyster Card - 44,131 views
- WPA2 Vulnerability Discovered – “Hole 196” – A Flaw In GTK (Group Temporal Key) - 32,590 views

Low-cost VPS Hosting

5 Responses to “Malicious Cryptography – Cryptology & Cryptovirology”

  1. TheAngel 29 May 2006 at 3:32 am Permalink

    Nice one!

  2. Gouki 29 May 2006 at 10:28 am Permalink

    Good reading, hein? ;-)

  3. pappy 30 May 2006 at 5:30 am Permalink

    Thank you guys ! This is a matter of (bad) ideas, and I like malicious ones ;-)

  4. TheDexterZ 14 September 2006 at 6:31 am Permalink

    i couldn’t open those?? help me

  5. backbone 15 March 2007 at 9:15 am Permalink

    found a site on this subject