12 Nov
2015
12 Nov
'15
1:06 a.m.
On 11/11/2015 2:36 pm, Lawrence D'Oliveiro wrote:
Turns out the perps screwed up the encryption key <lwn.net/Articles/663955/>.
A tool has been released to decrypt encrypted files. From the article: "We realized that, rather than generating secure random keys and IVs, the sample would derive these two pieces of information from the libc rand() function seeded with the current system timestamp at the moment of encryption.". Doh! http://www.csoonline.com/article/3003413/cyber-attacks-espionage/linux-ranso...