How do ransomware operators keep track of thousands/millions of decryption keys...

hatrickpatrick

...for different infected devices?

Let's say my laptop gets infected by the WannaCry ransomware currently dominating the news. It becomes one of millions of devices which have been infected and had their files encrypted. The hackers then demand a bitcoin payment in exchange for decryption of my files.

What I don't get is this. Clearly they have to use a different decryption key for each individual infection - otherwise, one person could simply pay the ransom and then share the decryption key they receive with everyone else in the world who has been infected. They must be generating unique pairs of keys for every individual device that is infected.

But how do they keep track? If I pay them, how do they know which of the keys they have stored in their list of infections matches my specific computer? How do they even know which specific computer my payment corresponds to - is it by MAC address or something like this? And if the malware is transmitting the keys back to the operators, can it not be intercepted en route? If they're using asymmetric public key cryptography, surely they'd have to have the keys generated before the infection takes place?

I've been struggling to understand this since the ransomware thing went so massively viral over the last week - I'm imagining that they have some excel document with an inconceivably massive list of decryption keys, but I can't figure out how they match it to a specific computer and match particular bitcoin payments to a specific computer on top of this. How many bitcoin addresses can one wallet have pointing to it, for example - is it conceivable that each infected device is given a unique bitcoin address to which to send payment, thereby identifying that individual device as having paid the ransom?

hatrickpatrick

Mr.S wrote: »

It may come as a surprise...

But they don't actually decrypt your computer once you pay :eek:

That was my first assumption. On the other hand, if they don't, surely this would have been long since publicised and therefore nobody would be paying them, thereby killing the ransomware "business model"?

testicles

This post has been deleted.

PrzemoF

Not really answer to your question, but an average database can easily handle millions of records.

Bacchus

Recommendations for WannaCry is to not pay the ransom. This is in part down to what seems to be terrible management of they keys and tracking of who it is that paid the ransom. So yeah, the answer is (in this case) they're no managing to keep track of all those keys well at all!

hatrickpatrick

hatrickpatrick wrote: »

...for different infected devices?

What I don't get is this. Clearly they have to use a different decryption key for each individual infection - otherwise, one person could simply pay the ransom and then share the decryption key they receive with everyone else in the world who has been infected. They must be generating unique pairs of keys for every individual device that is infected.

Yes it encrypts the system using 128bit AES and sends your key back to a command and control server using TOR. Each key is generated at the time of encryption and yes it's unique per instance.

But how do they keep track? If I pay them, how do they know which of the keys they have stored in their list of infections matches my specific computer? How do they even know which specific computer my payment corresponds to - is it by MAC address or something like this? And if the malware is transmitting the keys back to the operators, can it not be intercepted en route? If they're using asymmetric public key cryptography, surely they'd have to have the keys generated before the infection takes place?

Your system will be uniquely tagged and stored in a database on the remote server. It's not very different to how usernames and accounts are stored for the likes of boards.ie

It can't be intercepted 'en route' as it's using onion routing.

There may be a possibility of recovering the keys from memory at the time of infection but this relies on many factors.

I've been struggling to understand this since the ransomware thing went so massively viral over the last week - I'm imagining that they have some excel document with an inconceivably massive list of decryption keys, but I can't figure out how they match it to a specific computer and match particular bitcoin payments to a specific computer on top of this. How many bitcoin addresses can one wallet have pointing to it, for example - is it conceivable that each infected device is given a unique bitcoin address to which to send payment, thereby identifying that individual device as having paid the ransom?

They have only three bitcoin wallets in use, again the connection to their onion address will uniquely tag you.

It's in their interest to
A be as secure as possible so it's impossible to recover the files without getting the key and
B to provide you the key when you pay.

The reason it's in their interest to provide the key when you pay is so others will think it's a viable solution that they WILL get their data back if they just pay the ransom.

https://github.com/gentilkiwi/wanadecrypt

https://github.com/aguinet/wannakey

ItHurtsWhenIP

hatrickpatrick wrote: »

...for different infected devices?

Let's say my laptop gets infected by the WannaCry ransomware currently dominating the news. It becomes one of millions of devices which have been infected and had their files encrypted. The hackers then demand a bitcoin payment in exchange for decryption of my files.
...

WannaCry is not as pervasive as the headlines would make you think. There's only been somewhere between 200k-250k machines affected by it. That's a negligible number in internet terms.

The only reason it grabbed all the attention was because it was a new concept "Wormy Ransomware" (think camera-phone ) and it rather badly impacted on the UK's National Health Service (~70,000 machines).

If it wasn't for the latter, it's likely only security-nerds would have heard about it.