ccsoup Posted July 5, 2023 Share Posted July 5, 2023 How do blue teams find ransomware encryption problems and write decryptors for them? Link to comment Share on other sites More sharing options...
MalwareTech Posted August 3, 2023 Share Posted August 3, 2023 Usually by looking for flaws in the cryptography that allow decryption without the key, or by recovering re-used or insecurely stored keys. 1 Link to comment Share on other sites More sharing options...
Florian Posted August 5, 2023 Share Posted August 5, 2023 Bad implementation. The libabries are often solid and strong. Attacking the Crypto is dumb. 1 Link to comment Share on other sites More sharing options...
Florian Posted August 5, 2023 Share Posted August 5, 2023 Sometimes it is stuff like Key in Memory or so which let you decrypt it 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now