LockCrypt Ransomware is cracked!

Mel Khamlichi
Founder of Osradar, from Amsterdam Netherlands

Ransomware is the dominant trend in today’s malware attacks. We’ve seen some of the greatest ransomware attacks in the field, and WannaCry was the most feared. Following WannaCry, other campaigns were launched around the world, demanding ransom in cryptocurrency. However, one ransomware family, “LockCrypt”, has been cracked, thanks to the developer’s intellect and the hacker’s poor implementation of encryption.

The team at Malwarebytes identified a weakness in the encryption scheme that LockCrypt used. Using this weakness, the team was able to recover the encrypted files. Now they can help other LockCrypt victims get their files back.

LockCrypt attack events

This ransomware was first identified last June. The group responsible for LockCrypt is also thought to have distributed the Satan ransomware. The most significant LockCrypt attack was the takeover of the network of Mecklenburg County in North Carolina.

However, the ransomware wasn’t very active, because the group didn’t distribute the malware through phishing campaigns or spam. Instead, the LockCrypt group installed the ransomware manually on compromised systems after breaking into organizations’ networks via RDP.

At first, it created files with the “.lock” extension. Later, it switched to “.2018” and then “.1btc”.

LockCrypt is sloppy

According to the researchers at Malwarebytes, this ransomware was poorly coded, and its encryption method wasn’t strong at all. They also criticized the group’s understanding of encryption. The ransomware used a custom encryption scheme instead of a proven, well-established one, which made it easier to break.

Researchers were also able to discover an unencrypted LockCrypt sample. By analyzing the sample, they were able to find out a lot more about the sloppy ransomware.

If you’re a victim of LockCrypt, you can contact the Malwarebytes team. For Mac users, it’s time to be careful, as a new backdoor is being spread through a phishing campaign and an infected MS Word document. Learn how to stay safe from the new Mac backdoor.
