LockCrypt Ransomware is cracked!

Mel Khamlichi
http://www.osradar.com
Founder of Osradar, from Amsterdam, Netherlands

Ransomware is the dominant trend in today’s malware attacks, and we’ve seen some of the largest ransomware attacks to date. WannaCry was the most feared. Following WannaCry, other campaigns were launched around the world, demanding ransom in cryptocurrency. However, one ransomware family, “LockCrypt”, has been cracked, thanks to the developer’s intellect and the hacker’s poor implementation of encryption.

The team at Malwarebytes identified a weakness in the encryption scheme that LockCrypt used. Using the weakness, the team could successfully exploit the ransomware to recover the encrypted files. Now, they can help other LockCrypt victims to get back their files.

LockCrypt attack events

This ransomware was first identified last June. The group responsible for LockCrypt is also thought to have distributed the Satan ransomware. The most significant LockCrypt attack was the takeover of the network of Mecklenburg County in North Carolina.

However, the ransomware wasn’t very active. That is because the group didn’t distribute the malware via phishing campaigns or spam. The LockCrypt group installed the ransomware manually on compromised systems after successfully breaking into organizations’ networks via RDP.

At first, it created files with the “.lock” extension. Then, it switched to “.2018” and “.1btc”.

LockCrypt is sloppy

According to the researchers at Malwarebytes, this ransomware was poorly coded. Moreover, the encryption method wasn’t strong at all. They also criticized the hacker group’s understanding of encryption. The ransomware used a custom encryption method instead of the proven, strong ones available, which made it easier to break.

Researchers were also able to discover an unencrypted LockCrypt sample. By analyzing the sample, they were able to find out a lot more about the sloppy ransomware.

If you’re a victim of LockCrypt, you can contact the Malwarebytes team. For Mac users, it’s time to be careful, as a new backdoor is being spread through a phishing campaign and an infected MS Word document. Learn how to stay safe from the new Mac backdoor.
