
  Ransomware virus that uses 1024-bit encryption key - nickb
http://www.intology.com/computers-internet/ransomware-virus-that-uses-1024-bit-encryption-key/
======
bprater
Although virus designers are the creeping crud in the moral bucket, they come
up with some uniquely creative ways to piss people off.

This model is particularly good. The pain of losing your important work is
almost greater than the pain of paying off the hostage company.

Again, good reason to back up your stuff (especially offsite!), but until it
bites you, people won't do it. Eventually, OSes need to do backups by default.
The bandwidth, connectivity and cheap drive space make this a no brainer.

~~~
nickb
What I wanna know is how they collect payments. Virtually any form of payment
is traceable today and if you can pay with a CC, you can complain to your CC
company about fraud and get your money back. I did hear that some scammer use
"gold payment systems" but never looked into those payment systems myself.

~~~
byrneseyeview
Perhaps the scammer waits until the money is free and clear -- transferring to
a different card, spending it, etc. Other options: the scammer might just use
the email to arrange a physical cash transfer.

------
Hexstream
Is it really a bigger feat to encrypt with a 1024-bits encryption key than a
660-bits one? If not I don't understand why they didn't do 1024 in the first
place. Or even why not use a 2048-bits one...

Given the situation the scammer probably doesn't care about performance, so
might as well mitigate any attempts at decryption.

~~~
derefr
They _do_ care about performance. If the victim could figure out what was
happening before their files were completely "ransacked", they could simply
shut off their computer and take it to the shop to extract however much of
their data wasn't yet encrypted. If the value of what was encrypted so far was
less than the ransom, why pay?

Also, another aspect you have to consider: strong encryption algorithms
usually have large implementations, which means large viruses. Virus
transmission rates are logarithmically proportional to their size (a virus
that can get sent from one computer to N others in half the time spreads twice
as fast each generation, and therefore exponentially (2^t) faster over time.)

