https://securityaffairs.co/wordpress/88716/hacking/zerofucks-ransomware-decryptor.html:
A few days ago, the experts at Emsisoft released a free decryptor for the ims00ry ransomware, now the malware team announced the released[sic] of a decryptor for the ZeroFucks ransomware.
Victims of the ZeroFucks ransomware don't have to pay the ransom, they only need to download the decryptor form[sic] the link below:
[...] ZeroFucks ransomware encrypts files with AES-256 and replaces the extension in the filename with ".zerofucks" (i.e. "myphoto.jpg" is changed to " myphoto.zerofucks".
The note left on systems infected by this ransomware reads, in part:
"All your important files have been encrypted. If you want your files back, you need to pay €400 in Bitcoins. After the payment is received, we will give you access to unlock your files. Click on the Payment button to get more info." reads ransom note
Emsisoft's Decryptors for these and fifty other ransomware families are available at https://www.emsisoft.com/decrypter/.
If you have an old system or drive lying around that was ransomwared and want to see if there is a free decryptor for it, steps to identify the ransomware and an extensive list of free ransomware decryptors is available at https://heimdalsecurity.com/blog/ransomware-decryption-tools/.
(Score: 2, Informative) by bzipitidoo on Monday July 22 2019, @08:31AM (5 children)
What's with this continued use of weak encryption? Properly done, with a long enough and random enough key that is not stored on the victim's equipment, it should be utterly impractical to brute force or guess the key within the next 1000 years at the least.
Instead, this is yet another entry in the long list of unnecessarily weak encryption. If the software is built to support 4096 bit keys, why would you ever want to use anything shorter, unless you want the encryption to be more breakable? At current capacities of storage, 4k is nothing, a grain of dust too small to be seen by the naked eye,
(Score: -1, Flamebait) by Anonymous Coward on Monday July 22 2019, @10:51AM (1 child)
Nothing is more awesome than ignorance too.... Talking about AES-256 and then mentioning 4096 keys (as for public key crypto), yes, little knowledge shows very quickly.
(Score: 0) by Anonymous Coward on Monday July 22 2019, @02:49PM
(Score: 3, Informative) by epitaxial on Monday July 22 2019, @12:23PM (2 children)
Speed over quality. Encrypt as much as fast as you can.
(Score: 0) by Anonymous Coward on Monday July 22 2019, @03:31PM (1 child)
Not posting details because it's not like we need more unbreakable ransomware around ;).
(Score: 1) by RandomFactor on Tuesday July 23 2019, @12:14AM
I would argue that anyone who would benefit from a random posting about encryption in passing on SN isn't likely to be building a ransomware package that will be able to stay clear of that long list of ransomware with free-decryptors available :-p
I think most of the ransomware encryption these days that gets decryptors isn't beaten because it is too weak an algorithm. Either the implementation is flawed, or they do stupid things like leave keys in the code, or the key servers get pwned or seized allowing for decryptors to be built.
В «Правде» нет известий, в «Известиях» нет правды