Cryptoviral extortion using Microsoft's Crypto API

@article{Young2006CryptoviralEU,
  title={Cryptoviral extortion using Microsoft's Crypto API},
  author={A. Young},
  journal={International Journal of Information Security},
  year={2006},
  volume={5},
  pages={67-76}
}
  • A. Young
  • Published 2006
  • Computer Science
  • International Journal of Information Security
    • This paper presents the experimental results that were obtained by implementing the payload of a cryptovirus on the Microsoft Windows platform. The attack is based entirely on the Microsoft Cryptographic API and the needed API calls are covered in detail. More specifically, it is shown that by using eight types of API calls and 72 lines of C code, the payload can hybrid encrypt sensitive data and hold it hostage. Benchmarks are also given. A novel countermeasure against cryptoviral extortion… CONTINUE READING
    View on Springer
    page-one.springer.com
    28 Citations
    Highly Influential Citations
    1
    Background Citations
    8
    Methods Citations
    4

    Figures from this paper

    Figures

    28 Citations
    Citation Type

    Citation Type

    An Implementation of Cryptoviral Extortion Using Microsoft's Crypto API
    • 9
    • PDF
    An Implementation of Ransomware Malicious Software in Python
    • PDF
    Overinfection in Ransomware
    PayBreak: Defense Against Cryptographic Ransomware
    • 105
    • PDF
    Vulnerability Analysis on the CNG Crypto Library
    • Kyungroul Lee, I. You, Kangbin Yim
    • Computer Science
    • 2015 9th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing
    • 2015
    • 3
    Ransomware Analysis and Defense-WannaCry and the Win32 environment
    • 2
    A 0-Day Aware Crypto-Ransomware Early Behavioral Detection Framework
    • 20
    Dynamic ransomware protection using deterministic random bit generator
    • 9
    Security Issues on the CNG Cryptography Library (Cryptography API: Next Generation)
    • 9
    Static and Dynamic Analysis of Third Generation Cerber Ransomware
    • I. Kara, M. Aydos
    • Computer Science
    • 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT)
    • 2018
    • 5

    References

    SHOWING 1-10 OF 16 REFERENCES
    Building a Cryptovirus Using Microsoft's Cryptographic API
    • 11
    Cryptovirology: extortion-based security threats and countermeasures
    • A. Young, M. Yung
    • Computer Science
    • Proceedings 1996 IEEE Symposium on Security and Privacy
    • 1996
    • 172
    • PDF
    A method for obtaining digital signatures and public-key cryptosystems
    • 7,156
    • PDF
    Optimal Asymmetric Encryption
    • 907
    • PDF
    A Practical Mix
    • 213
    • PDF
    Untraceable electronic mail, return addresses, and digital pseudonyms
    • 3,030
    • PDF
    How Much Security Is Enough to Stop a Thief?: The Economics of Outsider Theft via Computer Systems and Networks
    • 113
    • PDF
    Mixing E-mail with Babel
    • Ceki GĂĽlcĂĽ, G. Tsudik
    • Computer Science
    • Proceedings of Internet Society Symposium on Network and Distributed Systems Security
    • 1996
    • 351
    • PDF
    Almost entirely correct mixing with applications to voting
    • 98
    • PDF
    Announcing Approval of Federal Information Processing Standard (FIPS) 180-2, Secure Hash Standard; a Revision of FIPS 180-2
    • Federal Register 67(165), 54785–54787
    • 2002