Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Unencrypting Extortion Malware - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Unencrypting Extortion Malware
The good people at Kaspersky have once again provided a free utility to "unencrypt" extortion malware.  Trojan.Win32.Krotten  is used to extort cash from infected users. "Krotten differs from GPCode in that GPCode encrypted data saved to disk. Krotten corrupts the system registry." Details and a link to the utility are in their blog today.

Thanks Kaspersky!

193 Posts
Nov 8th 2005

Sign Up for Free or Log In to start participating in the conversation!