Troll Virus -> Encrypts your Source Code

5 posts


Saw it on reddit regarding malware that uses Google Go, but an important feature of the virus is such:

This file is decrypted as a Dynamic-link library (DLL) file and then loaded. It attempts to encrypt various file formats on the compromised computer. The targeted file formats include:

  • Source code files (.c, .cpp, .cs, .php, .java, .pas, .vb, .frm, .bas, .go, .asp, .aspx, .jsp, .pl, .py, .rb)
  • […]

Article link

 
Originally posted by UnknownGuardian:

Saw it on reddit regarding malware that uses Google Go, but an important feature of the virus is such:

This file is decrypted as a Dynamic-link library (DLL) file and then loaded. It attempts to encrypt various file formats on the compromised computer. The targeted file formats include:

  • Source code files (.c, .cpp, .cs, .php, .java, .pas, .vb, .frm, .bas, .go, .asp, .aspx, .jsp, .pl, .py, .rb)
  • […]

Article link

>Decompile Source of Malware
> Find encryption algorithm
> Fix.

But really, this is a very interesting virus.

 
Originally posted by RTL_Shadow:
Originally posted by UnknownGuardian:

Saw it on reddit regarding malware that uses Google Go, but an important feature of the virus is such:

This file is decrypted as a Dynamic-link library (DLL) file and then loaded. It attempts to encrypt various file formats on the compromised computer. The targeted file formats include:

  • Source code files (.c, .cpp, .cs, .php, .java, .pas, .vb, .frm, .bas, .go, .asp, .aspx, .jsp, .pl, .py, .rb)
  • […]


Article link


>Decompile Source of Malware
> Find encryption algorithm
> Fix.


But really, this is a very interesting virus.

>Find out it used a random key.
>Know you’re doomed.
>Cry

 

Haha

 

I think the point of encrypting someone’s data is to take it hostage. If the malware creator doesn’t know how to decrypt the files and return them, they might as well just erase them. In fact, since the malware is likely to have deleted the unencrypted files after encryption, you may have better luck trying to undelete them rather than fight with the encrypted data.
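
An added example, not part of the thread: before attempting any recovery it helps to know which files were actually hit. This sketch walks a directory, looks only at the source-code extensions quoted above, and flags files whose byte entropy is too high for plain text. The 7.0 bits/byte threshold and the 512-byte minimum are assumptions, and compressed or binary files that happen to carry these extensions would also be flagged.

```python
import math
import os
from collections import Counter

# Source-code extensions from the list quoted in the thread.
SOURCE_EXTS = {".c", ".cpp", ".cs", ".php", ".java", ".pas", ".vb", ".frm",
               ".bas", ".go", ".asp", ".aspx", ".jsp", ".pl", ".py", ".rb"}

# Assumed thresholds: plain source text usually measures roughly 4-5.5
# bits/byte, while ciphertext is close to 8.
ENTROPY_THRESHOLD = 7.0
MIN_SIZE = 512  # smaller samples give unreliable entropy estimates


def shannon_entropy(data: bytes) -> float:
    """Bits per byte of the byte-value distribution in data."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def find_suspect_files(root: str, sample_bytes: int = 65536):
    """Return sorted (path, entropy) for source files that no longer look like text."""
    suspects = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in SOURCE_EXTS:
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    data = fh.read(sample_bytes)
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if len(data) < MIN_SIZE:
                continue
            h = shannon_entropy(data)
            if h >= ENTROPY_THRESHOLD:
                suspects.append((path, round(h, 2)))
    return sorted(suspects)


if __name__ == "__main__":
    import sys
    for path, h in find_suspect_files(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{h:5.2f}  {path}")
```

Run it read-only against a copy or a mounted image of the affected disk, since writing to the original volume reduces the chance of undeleting the plaintext files.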