[Cryptography] "WannaCry" ransomware has any payment resulted in a key?
Tom Mitchell
mitch at niftyegg.com
Wed May 17 20:39:27 EDT 2017
I have been watching the news on the "WannaCry" ransomware
and I wonder if any payment resulted in a valid key?
It seems that the bitcoin payment step is secure but the delivery of the key
via return message is the fragile transaction from the criminals view of things.
A short list of rich payments might be worth the risk to keep the scam
alive but the list must be short.
The interesting tech here if and only if this was a "responsible scam"
would be key management.
Identifying the correct key for the correct 'locked' machine has a
couple issues. One is the machine is locked so any reliable ID of the
specific machine seems difficult to parse and since the machine is
locked a different machine must be used to make payment, communicate
the machine ID, receive the key and apply it to the locked machine.
Yes "responsible scam" sounds oxymoronic at best a cruel kindness.
Well time to go update my machines, scan for viruses and make backups!
Also make myself a 'different' account with admin privileges and may myself a
goober account for interacting with the world. Boot and recovery media too.
What a pain...
--
T o m M i t c h e l l
More information about the cryptography
mailing list