Security
Unlocked! Recovering files taken hostage by ransomware
Decrypting files hijacked by the "second most used ransomware in Germany"
We present an analysis and recovery method for files encrypted by Black Basta, the "second most used ransomware in Germany".
We analysed the behaviour of a ransomware encryptor and found that the malware uses their keystream wrongly, rendering the encryption vulnerable to a known-plaintext attack which allows for recovering affected files. We confirmed the finding by implementing tools for recovering encrypted files.
We have made our tools for decrypting files without access to the actual key available to victims directly, through BSI, and to incident responders, as well as German and international law enforcement. Now, we are actively publishing these tools, along with the knowledge shared in our talk, empowering affected organizations to recover some of their files without succumbing to paying the criminals.
We present an analysis of a popular ransomware and tools for recovering encrypted files without access to the official decryptor or key. We're discussing "the second most used ransomware in Germany", encrypting Windows computers and ESXi hosts running virtual machine workloads.
Our decryptor-tool exploits a weakness in the cryptographic code in the malware. This weakness allows to (partially) recover encrypted files without access to the decryptor and without needing the cryptographic keys used by the ransomware.
We dive into the details of the cryptographic operations used by the malware and explain how it fails to use the cryptographic primitives properly. In particular, the ransomware encrypts victim files using a stream cipher. Files smaller than 5000 bytes are fully encrypted. Larger files are only partially encrypted for efficiency reasons. We found that for larger files, the ransomware re-uses the same cryptographic keystream for encrypting different parts of the same file, thereby breaking the security of the used stream cipher. If the plaintext of any encrypted file part is known, the keystream can be recovered and used to decrypt (large parts of) the target file without the underlying cryptographic key.
Affected organisations can check whether the variant of the malware found in their network is susceptible to this attack by purposefully letting the ransomware encrypt a large file (512 MB) containing only zero bytes. If the encrypted parts of the file are identical when analysing the encrypted file (e.g. in a hex editor), recovery is likely possible using the tools presented here.
Depending on the encrypted file, parts of the plaintext may be known. For instance, VM disk images are likely to contain stretches of zero bytes. As part of the tooling we have developed, we have implemented a heuristic to detect encrypted zero blocks in encrypted files. If found, (large parts of) the encrypted file can then be recovered. For other types of files, individual plaintext blocks may be recoverable via other means (e.g. using backups or specialised tools), also enabling data recovery.
The decryption tools can be found here: https://github.com/srlabs/
Additional information
| Live Stream | https://streaming.media.ccc.de/37c3/granville |
|---|---|
| Type | lecture |
| Language | English |
More sessions
| 12/27/23 |
Hardware hacking tooling for the new iPhone generation If you've followed the iPhone hacking scene you probably heard about cables such as the Kanzi Cable, Kong Cable, Bonobo Cable, and so on: Special cables that allow access to hardware debugging features on Lightning-based iPhones such as UART and JTAG. However with the iPhone 15, all of those tools became basically useless: USB-C is here, and with that we need new hardware and software tooling. This talk gives you a brief history of iPhone ...
|
| 12/27/23 |
The importance and relevance of vehicles in investigations are increasing. Their digital capabilities are rapidly growing due to the introduction of additional services and features in vehicles and their ecosystem. In this talk on automotive digital forensics, you will embark on a journey through the cutting-edge world of automotive technology and the critical role digital forensics plays in this domain. We will explore the state-of-the-art methods and tools to investigate modern vehicles, ...
|
| 12/27/23 |
Tesla's driving assistant has been subject to public scrutiny for good and bad: As accidents with its "full self-driving" (FSD) technology keep making headlines, the code and data behind the onboard Autopilot system are well-protected by the car manufacturer. In this talk, we demonstrate our voltage-glitching attack on Tesla Autopilot, enabling us root privileges on the system.
|
| 12/27/23 |
Imagine discovering a zero-click attack targeting Apple mobile devices of your colleagues and managing to capture all the stages of the attack. That’s exactly what happened to us! This led to the fixing of four zero-day vulnerabilities and discovering of a previously unknown and highly sophisticated spyware that had been around for years without anyone noticing. We call it Operation Triangulation. We've been teasing this story for almost six months, while thoroughly analyzing every stage of ...
|
| 12/27/23 |
Elektronische Arbeitsunfähigkeitsbescheinigungen (eAU), Arztbriefe, medizinische Diagnosen, all diese sensiblen Daten werden heute mittels KIM – Kommunikation im Gesundheitswesen – über die Telematikinfrastruktur (TI) verschickt. Aber ist der Dienst wirklich sicher? Wer kann die Nachrichten lesen, wo werden die E-Mails entschlüsselt und wie sicher ist die KIM-Software? Im Live-Setup einer Zahnarztpraxis haben wir Antworten auf diese Fragen gesucht.
|
| 12/27/23 |
This talk will present details of the TETRA:BURST vulnerablities - the result of the first public in-depth security analysis of TETRA (Terrestrial Trunked Radio): a European standard for trunked radio globally used by government agencies, police, military, and critical infrastructure relying on secret cryptographic algorithms which we reverse-engineered and published in August 2023. Adding to our initial disclosure, this talk will present new details on our deanonymization attack and provide ...
|
| 12/27/23 |
Apple's cutting-edge emergency SOS and location sharing services provide crucial communication alternatives when no cellular network is available. This talk will shed light on how these satellite services work, how they are integrated into existing fall and crash detection, present the security measures employed to safeguard resource access and privacy, and explore how this communication is embedded within the operating system.
|
