Explore the world of cryptographic failures in malware through this enlightening conference talk from Hack.lu 2016. Delve into real-world examples of poorly implemented cryptography in various malware strains, including ransomware. Learn to identify common pitfalls and potentially exploit these weaknesses to subvert malicious intent. Gain insights into voodoo programming, Jedi mind tricks, the Linux Encoder, copy-and-paste errors, misuse of Windows Native Crypto API, and the Petya ransomware. Discover techniques for triaging encrypted files and understand the broader implications of cryptographic disasters in cybersecurity. Conclude with valuable takeaways and access to a specially designed tool for analyzing encrypted files.
Syllabus
Introduction
Voodoo Programming
Jedi Mind Trick
Linux Encoder
Copy and Paste
Using the Windows Native Crypto API
Petya Ransomware
Takeaways
Taught by
Cooper