Decrypting Encrypted files from Akira Ransomware using a bunch of GPUs
I recently helped a company recover their data from the Akira ransomware without paying the ransom. I'm sharing how I did it, along with the full source code. The code is here: https://github.com/yohanes/akira-bruteforce To clarify, multiple ransomware variants have been named Akira over the y
The malware uses multiple threads. It runs on a machine that is not idle; the distance between T3 and T4 varies based on the scheduler and how busy the system is at that time. In VMFS, accuracy is second. The malware uses multithreading, where each file is processed in a new thread, with a pool of workers limited by the number of CPU cores. It turned out that the malware included a slight modification in the initialization vector and the encryption process, specifically involving endian swapping.