A method for Decrypting Data infected with Ransomware
Among the many types of malicious codes, ransomware poses a major threat. Ransomware encrypts data and demands a ransom in exchange for decryption. As data recovery is impossible if the encryption key is not obtained, some companies suffer from considerable damage, such as the payment of huge amounts of money or the loss of important data. In this paper, we analyzed Hive ransomware, which appeared in June 2021.
This is really cool! Also cool that their approach to decrypting involves generating and solving equations from the data. The paper includes example pseudocode.

Snippet from section 3:

- EKS[i] ← Keystream1[i] ⊕ Keystream2[i % 0x400] (i ← 0, 1, ···, 0xFFFFF)
- Encrypted data ← Data[offset] ⊕ EKS[offset % 0x100000]

Intro to section 4:

In this section, we describe a file decryption method for the Hive ransomware using a cryptographic vulnerability. The Hive ransomware extracts two keystreams for file encryption from the master key, which is generated once at the beginning of each file encryption. The two keystreams are used to generate an EKS, and EKS encrypts the data using XOR. EKS looks random, but the keystream to generate EKS is partially reused when encrypting various files. The encryption algorithm is an XOR operation, and the algorithm that generates EKS is also XOR; therefore, it becomes easy to guess the keystreams. We obtained equations consisting of XOR operations from encrypted files, and found the master key by solving the equations. Our method to obtain the equations requires one of the following conditions:

- Some of the original files corresponding to encrypted files should be available.
- There should be several encrypted files with known signatures, such as .pdf, .xlsx, or .hwp.

The main ways in which the original files corresponding to encrypted files can be obtained are described below. Unlike other ransomware, the Hive ransomware encrypts the Program files, Program files (x86), and ProgramData directories, which commonly store software files (Java, Python, Microsoft Office, and others) that are not related to the operating system. Therefore, we could easily obtain the original unencrypted files, as these software installation files can be obtained on the internet. Backup, synchronizing, and downloading files, and email attachments could also be utilized. By XORing the original and the encrypted file we can obtain the EKS.

It is also possible to determine the EKS without the original unencrypted files. In this case, we use known file signatures. However, file signatures are short in comparison with the file data; therefore, many files with known signatures are required.

Random snippet from farther down section 4:

As each set forms one simultaneous equation, if one byte of Keystream2 is guessed, 0x400 values are also determined by solving the equation. That is, if one EKS is used, a maximum value of 1,025 bytes of the master key can be determined by guessing one byte (Fig. 8).
Note: I expect a cryptographer/hacker would immediately notice this vulnerability when analysing the malware, and immediately act on it, before publishing the paper.
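The keystream construction quoted from section 3 and the two recovery steps from section 4, as an added worked example (this is not code from the paper or from the commenter). It models EKS[i] = Keystream1[i] XOR Keystream2[i % 0x400] and Encrypted[offset] = Data[offset] XOR EKS[offset % 0x100000] with the paper's constants, recovers EKS from an original/encrypted pair and from a known file signature, and then shows the equation step: all EKS indices in one residue class mod 0x400 share a single Keystream2 byte, so guessing that byte fixes every Keystream1 byte in the class. Keystream1 and Keystream2 are filled with constructed random bytes here; how Hive cuts them from its master key, and the cross-file reuse that lets a guess be checked, are not modelled. The 4 KiB sample file is constructed, so each class yields 4 Keystream1 bytes instead of the 0x400 a fully recovered 1 MiB EKS would give.

```python
# Added example (not code from the paper or the comment above): a model of the
# Hive keystream construction quoted from section 3, plus the two recovery
# steps described in section 4.  Keystream1/Keystream2 are filled with
# constructed bytes; the real ones are extracted from Hive's master key.
import os

KS1_LEN = 0x100000  # Keystream1 length: i runs 0..0xFFFFF in the pseudocode
KS2_LEN = 0x400     # Keystream2 period: Keystream2[i % 0x400]


def xor_bytes(a, b):
    """Byte-wise XOR of two equal-length byte strings (done on big ints for speed)."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return (int.from_bytes(a, "big") ^ int.from_bytes(b, "big")).to_bytes(len(a), "big")


def make_eks(ks1, ks2):
    """EKS[i] = Keystream1[i] XOR Keystream2[i % 0x400] for i in 0..0xFFFFF."""
    if len(ks1) != KS1_LEN or len(ks2) != KS2_LEN:
        raise ValueError("keystream sizes do not match the Hive constants")
    return xor_bytes(ks1, ks2 * (KS1_LEN // KS2_LEN))


def hive_xor(data, eks):
    """Encrypted[offset] = Data[offset] XOR EKS[offset % 0x100000].
    XOR is its own inverse, so the same call decrypts."""
    return bytes(b ^ eks[off % KS1_LEN] for off, b in enumerate(data))


def recover_eks_from_pair(original, encrypted):
    """Known plaintext: original XOR encrypted gives EKS at every covered offset.
    Returns {eks_index: byte}; a short file reveals only part of the 1 MiB EKS,
    and a file longer than 1 MiB must not contradict itself where it wraps."""
    known = {}
    for off, (p, c) in enumerate(zip(original, encrypted)):
        idx, val = off % KS1_LEN, p ^ c
        if known.get(idx, val) != val:
            raise ValueError("inconsistent EKS byte at index %#x" % idx)
        known[idx] = val
    return known


def recover_eks_from_signature(encrypted, signature):
    """Known-signature variant: the magic bytes of a file type (e.g. b'%PDF') are
    a few bytes of plaintext at offset 0, so they reveal only EKS[0..len-1]."""
    return recover_eks_from_pair(signature, encrypted[:len(signature)])


def solve_class(eks_known, j, ks2_guess):
    """Every index i with i % 0x400 == j shares the unknown Keystream2[j]:
        EKS[i] = Keystream1[i] XOR Keystream2[j]
    so one guessed byte fixes Keystream1[i] for all known i in that class
    (0x100000 / 0x400 = 0x400 values from a full EKS; 1,025 bytes with the guess)."""
    return {i: v ^ ks2_guess for i, v in eks_known.items() if i % KS2_LEN == j}


def equivalent_keystreams(ks1, ks2, j, c):
    """Why a guess is needed: XORing Keystream2[j] and every Keystream1[i] of
    class j with the same constant c yields the identical EKS, so one EKS alone
    cannot tell the 256 candidates apart; the guess selects one of them."""
    ks1b, ks2b = bytearray(ks1), bytearray(ks2)
    ks2b[j] ^= c
    for i in range(j, KS1_LEN, KS2_LEN):
        ks1b[i] ^= c
    return bytes(ks1b), bytes(ks2b)


def demo():
    """Constructed end-to-end run; returns the checks a practitioner would make."""
    ks1, ks2 = os.urandom(KS1_LEN), os.urandom(KS2_LEN)   # constructed keystreams
    eks = make_eks(ks1, ks2)
    # Constructed "victim file": a PDF-like header padded to exactly 4 * 0x400 bytes.
    original = (b"%PDF-1.7\n% constructed sample\n" + b"\0" * 4096)[:4096]
    encrypted = hive_xor(original, eks)
    known = recover_eks_from_pair(original, encrypted)          # original available
    from_sig = recover_eks_from_signature(encrypted, b"%PDF")    # only signature known
    cls = solve_class(known, 5, ks2[5])                          # correct guess for class 5
    alt = make_eks(*equivalent_keystreams(ks1, ks2, 5, 0x5A))    # other guess, same EKS
    return {
        "roundtrip": hive_xor(encrypted, eks) == original,
        "eks_bytes_from_pair": len(known),
        "pair_matches_eks": all(eks[i] == v for i, v in known.items()),
        "sig_matches_eks": len(from_sig) == 4 and all(eks[i] == v for i, v in from_sig.items()),
        "ks1_bytes_per_guess": len(cls),
        "class_matches_ks1": all(ks1[i] == v for i, v in cls.items()),
        "alt_eks_identical": alt == eks,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The `equivalent_keystreams` check is the reason the paper has to guess a byte at all: within one EKS the pair (Keystream1, Keystream2) is only determined up to a per-class XOR constant, which is the "one byte guessed, 0x400 determined" structure in the quoted sentence. Resolving the guess requires the reuse of keystream material across files that the comment mentions, which this example does not model.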
participants (2)
- Undiscussed Horrific Abuse, One Victim of Many
- zeynepaydogan