Cryptoviral Extortion: Malicious Encryption Exploited for Monetary Gain

“Cryptography is like literacy in the Dark Ages. Infinitely potent, for good and ill… yet basically an intellectual construct, an idea, which by its nature will resist efforts to restrict it to bureaucrats and others who deem only themselves worthy of such Privilege.” — “A Thinking Man’s Creed for Crypto”, Vin McLellan

Cryptoviral Extortion: Malicious Encryption Exploited for Monetary Gain

There is a certain level of sophistication and status surrounding the cryptography field. Typically, practitioners who regularly study ciphers and methods in an effort to utilize those encryption techniques in simplifying everyday life are held to high degree of recognition. This is mainly true because modern cryptography is so heavily based on mathematical theory and computer science, which involve a higher educational understanding than most other fields in Information Technology. In an age where access and convenience to private systems and information is becoming more available to the public, it is difficult to achieve total anonymity without utilizing some method of encryption. Online bank transactions for example are mostly conducted through the means of a secure communication layer which obfuscates your private data to protect your identity and assets from unauthorized hackers. However, the same methodology used to safeguard private data through means of encryption, is now being maliciously used by criminals to target and exploit unsuspecting victims for monetary gain.

Cryptoviral extortion is a particularly odious form of ransomware which essentially ‘kidnaps’ personal data through means of encryption. Then, if the victim wants their data restored, the unique decryption key will only be provided once they pay the ransom to the criminals. Late 2013 introduced a new variant of ransomware called “Cryptolocker”. Sophisticated developers used well known cryptographic algorithms to implement malevolent encryption of personal data. The way it works is rather simple. Once a windows-based computer is infected with the malicious code, it will begin to encrypt every document that is stored on the local computer, even those stored in mapped network drives and removable storage. Using RSA 2048 bit asymmetric key encryption, it is nearly impossible to retrieve the data without paying the ransom since the decryption key is stored on a secure remote server operated by the hackers. While the Cryptolocker variant is new to most users, this type of extortion has been around for quite some time. Strong asymmetric key encryption, like the encryption used in Cryptolocker is unfortunately not recoverable in theory without a decryption key, though risk of data loss can be lessened, or even avoided altogether by practicing safe computing techniques.

Extortion can be defined by the act or practice of getting money from someone through use of fear, force, or threats (Merriam-Webster, 2013). Historically carried out through abuse of privilege on the part of public figures using their political power to get money or favors, it is now commonly practiced by organized crime groups or malicious users. New occurrences of computer crime are becoming more prevalent in everyday life where personal data has become the prime target for criminals. As society continues to evolve further into the information age, the same can be said for organized crime. The basic principle of computer crimes is similar in principle, yet the methods have become more sophisticated in their execution. The latest iteration of computer crime tactics has introduced a Trojan software capable of “kidnapping” your personal data, holding it hostage until a ransom payment has been made. Utilizing sophisticated encryption standards, along with complete internet anonymity, it has gained a lot of attention from the media where there has been a bit of hype surrounding the topic. The media blitz about ransomware has publicly labeled this software as revolutionary, yet it is important to note that these “ransomware” tactics have been around for quite some time. The Cryptolocker Trojan is just the next evolution of ransomware that has learned from past criminal attempts to extort money from PC owners. What makes Cryptolocker different is that its encryption is perfect in execution, and near impossible to crack. Since the only way to decrypt the files is through a private key that the criminals possess, the only option is to pay, or lose the data.

Since its release around September 2013, Cryptolocker has been targeting only Windows Operating System versions ranging from Windows XP, through Windows 8, though future variants could potentially expand to include Mac OS X, or even Android/iOS mobile devices. The Trojan is usually spread through email pretending to be customer support issues for USPS, UPS, ADP, etc. (See left). Each email would contain a crafty message and a .ZIP attachment that once opened, would immediately start to infect the host computer (Abrams, 2013). The attachments fool users into believing they are valid because they disguise their file extension to look like a .PDF file and icon, though beneath the cloak is a malicious executable waiting to begin the encryption process.
The encryption begins once the executable is started, and will scan all physical or mapped network drives on the host computer for files with the following extensions (Abrams, 2013):

*.odt, *.ods, *.odp, *.odm, *.odc, *.odb, *.doc, *.docx, *.docm, *.wps, *.xls, *.xlsx, *.xlsm, *.xlsb, *.xlk, *.ppt, *.pptx, *.pptm, *.mdb, *.accdb, *.pst, *.dwg, *.dxf, *.dxg, *.wpd, *.rtf, *.wb2, *.mdf, *.dbf, *.psd, *.pdd, *.pdf, *.eps, *.ai, *.indd, *.cdr, *.jpg, *.jpe, *.jpg, *.dng, *.3fr, *.arw, *.srf, *.sr2, *.bay, *.crw, *.cr2, *.dcr, *.kdc, *.erf, *.mef, *.mrw, *.nef, *.nrw, *.orf, *.raf, *.raw, *.rwl, *.rw2, *.r3d, *.ptx, *.pef, *.srw, *.x3f, *.der, *.cer, *.crt, *.pem, *.pfx, *.p12, *.p7b, *.p7c.

After each file is found, it will encrypt it using the public key generated through RSA-2048 encryption and a message will be displayed to the user, explaining that their data is now encrypted and they must pay the ransom within 72 hours or the private key will be destroyed. (See below). Unfortunately, after the encryption has taken place, there is not much choice left for the victim. They must either succumb to the extortion and pay the criminals using anonymous payment methods like Bitcoin or MoneyPak vouchers, or leave their files encrypted without chance of future recovery. The underlying mathematics behind the RSA-2048 cryptographic system that Cryptolocker has implemented is what makes it such strong as an encryption standard, and why recovery is not an option.

The RSA-2048 cryptosystem uses what is called Asymmetric key encryption where there is a public key (used to encrypt the files), and a private key (used to decrypt the files). The difficulty is entirely based on the ability of factoring extremely large numbers. Because of the computational difficulty to factor a 2048bit number, only someone with the knowledge of the prime factors can feasibly decrypt the data. To further illustrate this method of factoring, let us assume the number (modulus) used is N=15. Without getting too involved into the RSA algorithm, we know that 15 is the product of only two numbers, 5 * 3, so the factors P and Q would be P=5, and Q=3. Knowing that information, we would be able to decrypt that message by plugging those (private) primes P and Q into the RSA algorithm. But what if N did not equal 15, what if it was a much larger number, like the 2048bit (617 digits long) numbers used by the Cryptolocker malware. To provide perspective, a 617 digit number sample from Symeon Xenitelis’s guide to PKI and Open-source Implementations book is provided below (Xenitellis, 2000).

27928727520532098560054510086934803266769027328779773633517624932519959782855440353509062663825852727223986298676726328202776042265127475116423330432277935745868052617793594651686619933029730312573799176384081348734718092523534765500572439819131028990684498563888859874177855756336652257804467879680080859571614665706994859343608810676186674067708949755093039975941211253008157978789036441127011095726560212571370863346201690633153889542846093941923225064368851460069960392982454529684837005125465003797310139479221307918200583851065828489354285517184240655579549337386740031302249496379882799360098372401884741329801

This large number is the product of two prime numbers (P and Q), just like in the simplified example before. But due to the complexity of factoring numbers this large, it is theoretically impossible to find the two prime factors in any reasonable amount of time, given our current understanding of technology and speed limitations of our fastest processors. One can relate a timeframe for this work by referencing the RSA-640 cryptosystem (193 decimal digits) which took 5 months to factor on 80 simultaneously running 2.2GHz AMD Opteron CPUs (RSA Labs, 2008). Factoring RSA-2048 could take exponentially more time to compute, with far more resources needed for its operations. It was DigiCert that released an estimate that it would take roughly 6.4 quadrillion years to break RSA-2048 using “standard desktop processing” (Digicert, 2013). It is feasible however, for a well-resourced government to make progress in breaking RSA-2048 in the near future, given the focus for encryption and anonymity in the IT world today. For the purpose of demonstration, if someone did manage to factor the RSA-2048 modulus N above, they would come up with the factors P and Q. Where P is:

177911439335095959181279544996533836012188350981603422742171934946413277840084689147445712058908213332530260417982181001327467441044697854896458761089076165690493808885786069413849140325628587531392006940877675272901028352093634311510267630211705969129522940083486708968411430220927632138221540171427701495839

And Q is:

156981066675135922256519101186618530880869960811759113454958199019339050362200325314371832686072348092195221836669795595987275285870475032000847646645415387334949112223814090686488419575049948728896634283801626536461623719197189969994908907210550253093036639271282283237116072434851400420434671809603239292759

Each pair used by the Cryptolocker Trojan is unique only to the computer that is infected with the malicious code, so even if the private key was obtained for one user, it would not be able to be applied to any others since they all would use a separate large number public key and private key combination. Although once encrypted, there is no way to retrieve your data, there are ways to protect and mitigate this Cryptoviral extortion from taking root in the first place.

Security should be primary focus for anyone connected to the internet, and even when safe computing is practiced, there is no way to be entirely protected. Cryptolocker seeks to take away something valuable from its victims, which is why there is profit in what they do. When something valuable is lost, people are willing to pay to get it back in most situations, no matter the cost. If a computer containing the only copies of precious family photos or critical bank information was maliciously encrypted, the computer owner would want to get them back at all cost. To protect from the harmful effects of Cryptolocker, the solution is simple. Backup your data, often. Regular backups are something that is stressed all the time. Yet many people still neglect to perform their scheduled backups for some reason. With prices for external hard drives and cloud storage consistently reducing in price, incentive to start making backup copies of critical data has never been easier. If a user who performed regular backups was infected with the Cryptolocker Trojan, it would be simply a small inconvenience for them to just restore their original files from their backup, and go on without ever having to pay the criminals. When the criminals realize that there is no longer profit in what they do, they would be forced to stop since they are not getting paid. And while there is no insight to what the next wave of criminal malware will contain, the better we can protect ourselves right now, the more prepared we will be for what comes next. But what if what comes next renders classical encryption standards like RSA obsolete?

Like mentioned before, it is nearly impossible to derive a private key from the public key in any reasonable amount of time. This is only true because factoring is a hard problem on classical computers. Yet that security model would fail if quantum computers, machines with exponentially more processing power than today’s technology become a reality. “It is reasonably clear that the classical encryption methods we are using today are going to become insecure in the long term,” says physicist Vadim Makarov of the Institute for Quantum Computing at the University of Waterloo. Using sent and received photons; a quantum computer can interpret the photons shape, spin, and polarization as digital 1s and 0s. If someone attempts to spy on the process and intercept the photons en route, then a disturbance is created and the transaction would be concluded to be insecure. This is because “The laws of physics say that if I am sending light, any attempt by an eavesdropper to make a measurement on that must create a disturbance”(Mone, 2013). Instead of using factoring as a method of security, quantum cryptography uses the laws of physics. This means that no matter how far we progress in technology, the quantum cryptosystem would remain secure because speed and efficiency of processors have no effect on physics law. Yet even with future innovations, criminals will always try to exploit the weak for personal gain, and will continue to do so as long as there is profit involved. Even with quantum computing there are weaknesses that have already been discovered that could render that implementation obsolete. Cryptolocker uses our strongest encryption against us, and there is no reason that a future Cryptolocker would not be able to do the same. A more secure future is one where end users are more security-aware and participate in safe computing practices. Educating users to not open up email attachments from unknown senders, and maintaining up-to-date virus protection software is really the first level of protection in reducing threats online. Eliminate human error.

This paper was written as a final assignment during my undergrad. The original PDF can be viewed here:

COSC374-WrittenAssignment

References:

Merrim-webster online. In (2013). Define: Extortion. Springfield, MA: Merriam-Webster.
Retrieved from http://www.merriam-webster.com/dictionary/extortion

Abrams, L. (2013). Cryptolocker ransomware information guide and faq. Bleeping Computer,
Retrieved from http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

Xenitellis, S. (2000). The open-source pki book: A guide to pkis and open-source
implementations. OpenCA Team. Retrieved from http://ospkibook.sourceforge.net/docs/OSPKI-2.4.6/OSPKI.pdf

RSA Labs. (2008). The rsa factoring challenge. Retrieved from http://www.emc.com/emc-
plus/rsa-labs/historical/the-rsa-challenge-numbers.htm

Mone, G. (2013). Future-proof encryption. Communications of the ACM, 56(11), 12-14.
Retrieved from http://cacm.acm.org/magazines/2013/11/169023-future-proof-encryption/fulltext

Digicert. (2013). The math behind estimations to break a 2048-bit certificate. Check Our
Numbers, Retrieved from http://www.digicert.com/TimeTravel/math.htm

Tags// ,