Ransomware
Jim Youll
jim at cr-labs.com
Mon Jun 9 15:11:01 EDT 2008
On Jun 9, 2008, at 11:54 AM, Leichter, Jerry wrote:
> Computerworld reports:
>
> http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9094818
> [...]
> Apparently earlier versions of this ransomware were broken because
> of a
> faulty implementation of the encryption. This one seems to get it
> right. It uses a 1024-bit RSA key. Vesselin Bontchev, a long-time
> antivirus developer at another company, claims that Kaspersky is just
> looking for publicity: The encryption in this case is done right and
> there's no real hope of breaking it.
If there's just one key, then Kaspersky could get maximum press by
paying the ransom and publishing it. If there are many keys, then
Kaspersky
still has reached its press-coverage quota, just not as dramatically.
> Speculation about this kind of attack has made the rounds for years.
> It appears the speculations have now become reality.
But press gambits from security companies have been in the realm of
reality for
quite some time!
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list