Malicious Cryptography – Cryptology & Cryptovirology


I know this maybe old news for some of you, however, I just got the chance of reading this great article on Security Focus (it’s been 2 weeks since I add it to my Favorites)

This two part article discusses some good points of Cryptology, more precisely in the field of Cryptovirology.

Writing a virus is just like writing any other piece of software, unfortunately. The designer tries to put some cleverness in the application to improve its function (or stealth), its robustness, its replication strategies, or even its payload. However, when an anti-virus analyst gets ahold of such a piece of code, he learns how it works, what it does, and so on. In the end, both the writer and the analyst share the same view of the virus, in what amounts to a Turing machine (we have a state-transition table and a starting state).

You read about the WoW Trojan and the Trojan Writers Coding for Money here at Darknet. This article will give you a clear idea of how things work.

To open your appetite, let me give you a little excerpt from the article:

A basic model seen today

This basic model can be seen according to intended targets:

  • The virus writer creates an RSA key:
    • The public key appears in the body of the virus.
    • The private key is kept by the author.
  • The virus spreads and the payload uses the public key. For example, it ciphers the data (hard drives, files, e-mail, whatever) of the targets with the public key.
  • The virus writer requires a ransom before sending the private key.

Even if you’re not into Cryptology, I strongly recommended this reading.

Part 1 & Part 2

Source: Security Focus

Posted in: Cryptography, Malware

, , , , ,


Latest Posts:


Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.


5 Responses to Malicious Cryptography – Cryptology & Cryptovirology

  1. TheAngel May 29, 2006 at 3:32 am #

    Nice one!

  2. Gouki May 29, 2006 at 10:28 am #

    Good reading, hein? ;-)

  3. pappy May 30, 2006 at 5:30 am #

    Thank you guys ! This is a matter of (bad) ideas, and I like malicious ones ;-)

  4. TheDexterZ September 14, 2006 at 6:31 am #

    i couldn’t open those?? help me

  5. backbone March 15, 2007 at 9:15 am #

    found a site on this subject
    http://www.cryptovirology.com/