
Buggy ransomware locks up your data, then throws away the encryption key

The author of this new variant of Power Worm – so named because it is written in Windows PowerShell – wanted to use the same decryption key for each infected PC. From their point of view I imagine it made some sense to take that shortcut – if everyone had the same decryption key, they could skip having to create a complicated payment site for victims and generate a unique decryptor for each “customer”.

But a goof in the Power Worm code means that a random key was used to encrypt each and every victim’s data. No record is kept of that random key, so recovery of the encrypted data is impossible.

Yes, I know it’s disappointing to find that malware can be just as buggy as legitimate software, and that the online criminals aren’t doing proper testing of their products before release.
