0

The "new" kind of ransomware invade your computer and crypt all your files using the RSA-2048.

Personally, I have been victim of cryptodefense: 40000 files encrypted... I'm not going to pay anything to this &? but this is a big loss. I have a lot of files in both form: crypted and uncrypted (backup from 2011...)

Is there any chance to apply a known plain text attack on RSA-2048. I read another topic and it seems that if you have two files you miss a variable (e) but is there any way to find it with more than a thousand of files?

Does that means that this is a question of calculation capacity (in that case I'm gonna wait a couple of years to have my pictures back ;-)

CodesInChaos
  • 24,841
  • 2
  • 89
  • 128
Buche77
  • 11
  • 4
    You have no chance if the malware has been implemented properly. – CodesInChaos May 07 '14 at 16:08
  • 3
    According to sources including this the malware is poorly implemented and leaves the key allowing decryption somewhere on the HD, enabling decryption, for infection before April 2014. CAUTION: attempt repair on a complete exact full backup of the HD, leave the original untouched! – fgrieu May 07 '14 at 16:37
  • It was exact before 1st april, but, the day that symantec publish this information, the pirats correct the problem the very same day and no more key on the HD... I have been invade the 14th april. If you are interested in, you can read the forum on bleeping computer : http://www.bleepingcomputer.com/forums/t/527937/cryptodefense-newest-cryptolocker-variant-details-inside/page-17?hl=%2Bcryptodefense#entry3362979 – Buche77 May 07 '14 at 16:53

0 Answers0