|
Paradise ransomware source code by vx-underground
News about the recent leak
Code:
https://therecord.media/source-code-for-paradise-ransomware-leaked-on-hacking-forums/Quote:
|
C# and some fancy Loop with RSA :D
best way to make money in 2021 |
How was the "Emsisoft Decrypt for Paradise" made?
I thought that decrypt of files protected by ransomware is impossible! |
There are different ways to write a decrypter, mainly coding crypto stuff errors. However, as reported in the news, Paradise was "certified" to be undecryptable (https://twitter.com/demonslay335/status/1202936203290525701). Consider that Emsisoft decrypter is from 2019, and these sources of Paradise, if I see well, are from 2020
|
@CodeCracker : weakly coded ransomwares sometimes left traces of encryption keys either in RAM or somewhere else which sometimes can help create a decryptor if those traces could be dumped and used.
|
From my analyzes of the ransom globeimposter, this ramsoware uses RSA-2048 and AES-128, as far as I know there is no plain text attack of AES-128, and AES key is just some random bytes initialized at execution time; and the key will differ on each run.
So still don't know how the decryption is possible. |
Maybe it was possible for the older versions.
|
| All times are GMT +8. The time now is 12:33. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX