The first samples of this malware appeared in November 2014 (the first sample was uploaded to on November 11, 2014). Today, we will investigate several encryption-based trojans which emerged after the notorious spread of CryptoLocker on the internet (or at the same time). However, it was CryptoLocker that established the bad trend among virus writers to use the latest achievements in cryptography as quite stable encryption algorithms. ![]() Just remember Trojan.Xorist with its primitive encryption algorithm based on XOR, or Trojan.ArchiveLock written in PureBasic, which used regular WinRAR for encryption and Sysinternals SDelete for deleting encrypted files, and demanded as much as five thousand dollars for decryption. The first examples of malware that encrypts files and then demands money for decryption appeared a long time ago. Previous part: The Children of CryptoLocker, Part 1
0 Comments
Leave a Reply. |