Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


French Experts have Cracked and Opened BitCrypt Ransomware

Infosecurity-magazine.com reported during last week of February 2014 stating that two French researchers Cedric Pernet and Fabien Perigaud have identified a fresh variant of ransomware nicknamed BitCrypt.

BitCrypt operates by encrypting the files of victim by employing a cryptographic algorithm like CryptoLocker bug but uses a delicate 426-bit key which is unlike CryptoLocker.

It highlights that it locks files by employing 1024-bit RSA encryption but actually this is not the case.

The duo (referring to Pernet and Perigaud) broke BitCrypt's encryption with no exceptional code in just-around 43 hours on a quad-core personal computer (PC) and in a matter of about 14 hours on a 24-core server on finding a flaw in Delphi-compiled malware's key encryption - "a big mistake from the author". Actually they broke the encryption key with the help of a cryptography expert.

The researchers first saw BitCrypt and encrypted everything on the computer of their friends. According to research, domain 'bitcrypt.info' was registered on 3rd February, 2014.

Victims of BitCrypt probably are directed toward this website where they are asked to set up a Bitcoin purse and pay 0.4 Bitcoins into the purse of the person or people responsible for BitCrypt.

When the criminals received the payment from the infected user's wallet, they send the appropriate encryption key to user for decryption of their files.

The duo found and analyzed a VirusTotal sample of BitCrypt which had been submitted on 9th February, 2014 and then performed a reverse-engineering of the malware.

They found that the malware encrypts more than 50 file types including .doc and .txt files, Power Point, JPEG and other common extensions beside photos.

They said that the origin of the ransomware is yet to be found with web pages in only English and French language. Experts also said that there has been no report of massive infections with this ransomware currently.

Users should always have an updated anti-virus product and should regularly keep back-ups of sensitive information on an external hard-drive which can be used in case they are stung by an unknown and unwanted computer virus.

ยป SPAMfighter News - 3/14/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page