Regarding Sicarii’s broken decryption process, researchers said that “during execution, the malware regenerates a new RSA key pair locally, uses the newly generated key material for encryption, and then discards the private key.”
Regarding Sicarii’s broken decryption process, researchers said that “during execution, the malware regenerates a new RSA key pair locally, uses the newly generated key material for encryption, and then discards the private key.”
So they basically created a hashing function?
A hash is at least consistent when given identical inputs. What they created is more like a digital incinerator.
shred -f -u-uwould give you the space back.The ransomware doesn’t. There is a block of data, sitting there, taunting you.
ehehehehe thanks for that mental image
Of course, one can always reclaim that space if the data truly is inaccessible. Makes me want to write a joke program for “cleaning up” after ransomware that just removes the data from the partition table (or whatever the equivalent for files is - would that just be
rm?)