Forums Game Programming

Troll Virus -> Encrypts your Source Code

Subscribe to Troll Virus -> Encrypts your Source Code 5 posts

Sign in to reply

Sep 20, 2012 8:19pm
avatar for UnknownGuardian UnknownGuardian 8130 posts
Flag Post

Saw it on reddit regarding malware that uses Google Go, but an important feature of the virus is such:

This file is decrypted as a Dynamic-link library (DLL) file and then loaded. It attempts to encrypt various file formats on the compromised computer. The targeted file formats include:

  • Source code files (.c, .cpp, .cs, .php, .java, .pas, .vb, .frm, .bas, .go, .asp, .aspx, .jsp, .pl, .py, .rb)
  • […]

Article link
 
Sep 20, 2012 9:12pm
avatar for RTL_Shadow RTL_Shadow 1020 posts
Flag Post
Originally posted by UnknownGuardian:

Saw it on reddit regarding malware that uses Google Go, but an important feature of the virus is such:

This file is decrypted as a Dynamic-link library (DLL) file and then loaded. It attempts to encrypt various file formats on the compromised computer. The targeted file formats include:

  • Source code files (.c, .cpp, .cs, .php, .java, .pas, .vb, .frm, .bas, .go, .asp, .aspx, .jsp, .pl, .py, .rb)
  • […]

Article link

>Decompile Source of Malware
> Find encryption algorithm
> Fix.

But really, this is a very interesting virus.
 
Sep 20, 2012 11:36pm
avatar for BobTheCoolGuy BobTheCoolGuy 3750 posts
Flag Post
Originally posted by RTL_Shadow:
Originally posted by UnknownGuardian:

Saw it on reddit regarding malware that uses Google Go, but an important feature of the virus is such:

This file is decrypted as a Dynamic-link library (DLL) file and then loaded. It attempts to encrypt various file formats on the compromised computer. The targeted file formats include:

  • Source code files (.c, .cpp, .cs, .php, .java, .pas, .vb, .frm, .bas, .go, .asp, .aspx, .jsp, .pl, .py, .rb)
  • […]


Article link


>Decompile Source of Malware
> Find encryption algorithm
> Fix.


But really, this is a very interesting virus.

>Find out it used a random key.
>Know you’re doomed.
>Cry
 
Sep 20, 2012 11:40pm
avatar for BigJM BigJM 468 posts
Flag Post

Haha
 
Sep 21, 2012 1:06am
avatar for Ace_Blue Ace_Blue 1065 posts
Flag Post

I think the point of encrypting someone’s data is to take it hostage. If the malware creator doesn’t know how to decrypt the files and return them, they might as well just erase them. In fact, since the malware is likely to have deleted the unencrypted files after encryption, you may have better luck trying to undelete them rather than fight with the encrypted data.

Sign in to reply