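This is a backup blog for use when the Moe Fukada Official Blog (http://www.fukadamoe.info/) cannot be viewed because of high load. Fukada frankly describes the behind-the-scenes circumstances of the market that cannot be seen from the surface.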

The Moe Fukada Official Blog has now moved to FC2.

Saturday, March 8, 2014

CryptoLocker: five special fields are required for CryptoLocker


(C) The facts on five special fields required for the executor of CryptoLocker

1. CryptoLocker is an uncommon computer virus developed by skillfully combining the following five special skills: 1) well-trained hacking skills, 2) specialized cryptography, 3) specialized Microsoft Windows system control skills, 4) deep knowledge and experience of online payment systems, 5) deep knowledge of the financial industry.

2. 1) Well-trained hacking skills

CryptoLocker contains the following five features in one single piece of malware: Trojan horse software that enables the hacker to illegally invade the computer without the user noticing; a complicated encrypting and decrypting program; Microsoft Windows system software that encrypts and decrypts any kind of file; an internet communication engine that can connect to the Bitcoin payment system; and lastly, an online payment system that can check whether the payment has been made in Bitcoin or any other virtual currency in order to decrypt the encrypted files. Only particular top-level, extraordinary hackers in the world are able to develop such a complicated computer virus as a small program that security software is unable to detect.

3. 2) Specialized cryptography

On the 9th of December, 2013, Symantec Corporation, a computer security corporation, released an investigation result regarding CryptoLocker stating that it uses two main types of cryptography. The first type is RSA public-key cryptography, which bases its key on the prime factorization of composite numbers containing many digits. It is proven that CryptoLocker uses RSA-2048 with 2048 digits. Currently, RSA cryptography can in general be decoded up to a maximum of 768 digits.

The second type is believed to be a cryptography that is the basis of a Domain Generation Algorithm (DGA) based on the Mersenne Twister pseudorandom number generator, which was invented by Makoto Matsumoto and Takuji Nishimura. It is believed that this type of cryptography is implemented in a tiny program that users are unable to detect, and that it is used to encrypt each file at very high speed. However, the information mentioned above about the second type of cryptography is most likely a hypothesis and is still under research.

Normally, the information about CryptoLocker mentioned in this paper is enough to devise a method to decrypt the files encrypted by CryptoLocker; however, even the specialized agency of the FBI has not come up with a solution yet.

Usually, using a pseudorandom number generator such as Mersenne Twister for cryptography is not adequate. Even the inventor of Mersenne Twister does not recommend it. The reason is that, since its output is pseudorandom, it is not perfectly random. Therefore, the sequence of numbers follows a fixed rule that is easily detected, and it has a high possibility of being decoded when used for encryption. For this reason, cryptography mainly uses RSA cryptography, which applies prime numbers, or encryption with perfect random numbers.

4. 3) Development technology of Microsoft Windows system

Generally, when a computer gets hacked by a virus, the virus protection software will detect it in advance and remove the malware from the computer. However, it is reported that CryptoLocker does not allow the virus protection software to detect it in advance and remove it. The reason is that CryptoLocker contains advanced Microsoft Windows system software technology that prevents virus protection software from detecting it in advance. It is believed that only a particular extraordinary expert in developing Microsoft Windows system software is able to develop such programs.

5. 4) Online payment system

CryptoLocker uses an online payment system to demand ransom. It was believed to be almost impossible to collect money illegally from all around the world through the internet and make use of it without being exposed. However, CryptoLocker made it happen. To do so, it is considered that a particular extraordinary person with deep knowledge of and excellent skill in online payment systems is involved.

6. 5) A deep knowledge on financial industry and a relation in financial field

In order for the developers of CryptoLocker to hide their money and the evidence they leave online from specialized police officers, they need to have sufficient knowledge of the financial industry. Not only do the developers of CryptoLocker need a deep understanding of how the financial industry works and moves, but they also need a person within the financial industry who can help them and who has access to its internal matters.
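
The statement in section 3 that Mersenne Twister output "will have a fixed rule" can be checked directly. The following is an added example, not code from the original post and not taken from CryptoLocker: it uses Python's standard `random` module (an MT19937 implementation) with a constructed seed, and shows that 624 observed 32-bit outputs are enough to reproduce every later output.

```python
import random

N = 624  # MT19937 keeps 624 words of 32-bit internal state

def _undo_right(y, shift):
    # Invert y = x ^ (x >> shift); each pass recovers `shift` more bits.
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ (x >> shift)
    return x

def _undo_left(y, shift, mask):
    # Invert y = x ^ ((x << shift) & mask).
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ ((x << shift) & mask)
    return x & 0xFFFFFFFF

def untemper(y):
    # MT19937 tempering is a bijection; undo its four steps in reverse order.
    y = _undo_right(y, 18)
    y = _undo_left(y, 15, 0xEFC60000)
    y = _undo_left(y, 7, 0x9D2C5680)
    return _undo_right(y, 11)

def clone_generator(observed):
    """Rebuild an identical generator from 624 consecutive 32-bit outputs."""
    if len(observed) != N:
        raise ValueError("need exactly 624 consecutive outputs")
    state = tuple(untemper(v) for v in observed)
    clone = random.Random()
    # Index N means "state exhausted", so the next draw regenerates it.
    clone.setstate((3, state + (N,), None))
    return clone

def demo(seed=20140308, lookahead=1000):
    # Constructed scenario: `source` stands for any program using MT19937.
    source = random.Random(seed)
    observed = [source.getrandbits(32) for _ in range(N)]
    clone = clone_generator(observed)  # built without knowing the seed
    return all(clone.getrandbits(32) == source.getrandbits(32)
               for _ in range(lookahead))

if __name__ == "__main__":
    print("all future outputs predicted:", demo())
```

For key material, Python code should draw from the operating system's generator instead (`secrets.token_bytes` or `os.urandom`), whose output cannot be reconstructed this way.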
