Home > Computing > Ransomware app leaves de-cryption key on…

Ransomware app leaves de-cryption key on victim’s PC

If you’ve ever seen any TV shows like “World’s Wildest Police Videos,” then you know that not all criminals are detail-oriented masterminds. Apparently, there there’s a Ransomware program out there whose creator can be counted among that group as well.

Ransomware is a form of malware that essentially locks down a user’s files, forcing them to pay hundreds in cash in order to regain access to their data. One piece of Ransomware, dubbed CryptoDefense, not only encrypts a victim’s files, but also leaves the decryption key on the same PC as well, according to security firm Symantec.

CryptoDefense employs Microsoft’s cryptographic methods as well as Windows software in order to create the plain text key that encrypts the files, which is then sent to the malware handler’s server. However, once that key is sent to the attacker, it’s also stored on the infected machine.

“The malware author’s poor implementation of the cryptographic functionality has left their hostages with the key to their own escape,” Symantec said.

However, because it takes a bit of technical know-how in order to extract the de-cryption key, it’s unlikely that the average user hit by CryptoDefense would be able to break free of the malware’s shackles. Despite it’s one big flaw, Symantec asserts that CryptoDefense has earned its handlers a hefty sum of $34,000 in a single month.

What do you think? Sound off in the comments below.