• Home
  • News
  • Oops! Flawed ransomware makes decryption impossible

Oops! Flawed ransomware makes decryption impossible

During the years we've seen antivirus companies make some really epic mistakes like when Panda flagged itself as malware or when a faulty Kaspersky update cut off the Internet access for thousands of users. However, you rarely hear about hackers screwing up, but as you will soon see, they do. A cybercriminal took a publicly available proof-of-concept code to create ransomware, but messed up the coding, so the files that get encrypted are completely unrecoverable, even for the attacker. The ransomware in question (RANSOM_CRYPTEAR.B) mostly targets Web servers and is distributed through a compromised Flash Player update which redirects the user through a website from Paraguay. From what I've read, the malware was designed by a Brazilian hacker, but his or her identity isn't known yet.

In case you're not a tech-savvy person, I've already written an article about what ransomware is and hot to defend yourself against it, so if you need more details, you should check it out. In the simplest terms, ransomware is created so that hackers can make money. The malicious code infects the victim's PC and encrypts the files on the hard-disk, displaying a message which states that the only way the victim can regain access to their files is by sending money to a specific address. Unfortunately, in case of this malware, even if the victim pays, he or she won't get back the data, which is counter-productive for the hacker who will not get paid. Furthermore, this mistake might also compromise the credibility of other (correctly functioning) ransomware, stopping victims from paying for fear of losing both their money as well as their files.

Comments