LockCrypt Ransomware is cracked!

Mel Khamlichi (http://www.osradar.com)
Founder of Osradar, from Amsterdam, Netherlands

Ransomware is the trend in today’s malware attacks, and we’ve seen some of the greatest ransomware attacks in the field. WannaCry was the most feared. Following WannaCry, other campaigns were launched around the world, asking for ransom in cryptocurrency. However, one ransomware, “LockCrypt”, has been cracked, thanks to the developer’s intellect and the hacker’s poor implementation of encryption.

The team at Malwarebytes identified a weakness in the encryption scheme that LockCrypt used. Using the weakness, the team could successfully exploit the ransomware to recover the encrypted files. Now, they can help other LockCrypt victims to get back their files.

LockCrypt attack events

This ransomware was first identified last June. The group responsible for LockCrypt is also thought to have distributed the Satan ransomware. The most significant LockCrypt attack was the takeover of the network of Mecklenburg County in North Carolina.

However, the ransomware wasn’t very active, because the group didn’t distribute the malware via phishing campaigns or spam. Instead, the LockCrypt group installed the ransomware manually on hacked systems after successfully breaking into organizations’ networks via RDP.

At first, it created files with the “.lock” extension. Then it switched to “.2018” and “.1btc”, in that order.

LockCrypt is sloppy

According to the researchers at Malwarebytes, this ransomware was poorly coded. Moreover, the encryption method wasn’t powerful at all. They also criticized the hacker group’s understanding of encryption. The ransomware used a custom encryption method instead of one of the proven, powerful ones on the market, which made it easier to break.

Researchers were also able to discover an unencrypted LockCrypt sample. By analyzing the sample, they were able to find out a lot more about the sloppy ransomware.

If you’re a victim of LockCrypt, you can contact the Malwarebytes team. For Mac users, it’s time to be careful, as a new backdoor is being spread through a phishing campaign and an infected MS Word document. Learn how to stay safe from the new Mac backdoor.
