April 29, 2020


I'm interested in cryptography, but I haven't explored ransomware in depth. Recently, however, one of my friends said that some officials make decryption keys for ransomware. I wondered how they decrypt AES. If that were possible, most SSL connections, disk encryption, the Bitcoin network, etc. would be a lie. That's why I started to wonder.

However, ransomware decryptors are possible.

I asked a question in the Malwaretips community and got an answer from struppigel. He explained something that I hadn't realized: "most ransomware developers make a mistake". Then I got the point.

To encrypt, ransomware has to carry the AES-256 key, which is also the key needed to decrypt. So if we can get into the ransomware and explore its binary, we can find the key. If we can't, there is no hope.
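The sketch below is an added example for recovery work, not code from struppigel or from any decryptor project. It goes one step beyond the static-binary case in the text: it scans a memory image of the running sample for an expanded AES-256 key schedule, since any 32 bytes followed by their own correct key expansion are almost certainly a live key. The names `expand_aes256` and `find_aes256_keys` and the sample image are constructed for illustration.

```python
import hashlib

def _make_sbox():
    """Build the AES S-box from its GF(2^8) definition."""
    box, p, q = [0] * 256, 1, 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p *= 3
        for s in (1, 2, 4):                                     # q /= 3
            q = (q ^ (q << s)) & 0xFF
        if q & 0x80:
            q ^= 0x09
        x = q
        for r in range(1, 5):                                   # affine transform
            x ^= ((q << r) | (q >> (8 - r))) & 0xFF
        box[p] = x ^ 0x63
        if p == 1:
            break
    box[0] = 0x63
    return box

SBOX = _make_sbox()

def expand_aes256(key: bytes) -> bytes:
    """FIPS-197 key expansion for a 32-byte key: returns the 240-byte schedule."""
    w, rcon = bytearray(key), 1
    for i in range(8, 60):
        t = list(w[-4:])                          # previous word
        if i % 8 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]  # RotWord then SubWord
            t[0] ^= rcon
            rcon <<= 1                            # at most 0x40 for AES-256
        elif i % 8 == 4:
            t = [SBOX[b] for b in t]              # SubWord only
        w += bytes(a ^ b for a, b in zip(w[-32:-28], t))
    return bytes(w)

def find_aes256_keys(image: bytes):
    """Return (offset, key) for every window that is a valid key schedule."""
    hits = []
    for off in range(len(image) - 239):
        if expand_aes256(image[off:off + 32]) == image[off:off + 240]:
            hits.append((off, image[off:off + 32]))
    return hits

# Constructed sample: filler bytes around one schedule, standing in for a dump.
KEY = hashlib.sha256(b"constructed demo key").digest()
FILLER = bytes(range(256)) * 2
IMAGE = FILLER[:300] + expand_aes256(KEY) + FILLER[:100]

if __name__ == "__main__":
    for off, key in find_aes256_keys(IMAGE):
        print(f"AES-256 key schedule at offset {off}: {key.hex()}")
```

A key recovered this way only helps if the sample reuses it across files; a per-file key that is wrapped with an attacker-held public key and then wiped leaves nothing to find.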
