SANS ISC: Unencrypting Extortion Malware SANS ISC InfoSec Forums

Unencrypting Extortion Malware
The good people at Kaspersky have once again provided a free utility to "unencrypt" extortion malware. Trojan.Win32.Krotten is used to extort cash from infected users. "Krotten differs from GPCode in that GPCode encrypted data saved to disk. Krotten corrupts the system registry." Details and a link to the utility are in their blog today.

Thanks Kaspersky!
Patrick
