Categories: CryptoNews

CTB-Locker Sends Decryption Keys Over Bitcoin Blockchain

An interesting article has surfaced on PC World, which details how Bitcoin ransomware infections through CTB-Locker can be solved by looking at Bitcoin transactions. Or to be more precise, that would be the most positive outcome as this malware apparently stores decryption keys within the metadata of Bitcoin transactions.

Also read: ShapeShift CEO Erik Voorhees Reveals Hack Was an Inside Job

A New Way To Crack CTB-Locker?

CTB-Locker has proven to be quite an annoying strain of Bitcoin ransomware, which has been all but impossible to crack by security experts. Up until now, that is, as it turns out finding these decryption keys is not as difficult as originally assumed. But it will not be a walk in the park either; that much is certain,

According to the PC World article, the author of CTB-Locker has come up with the ingenious way of storing the decryption key for every infection on the Bitcoin blockchain. Keeping in mind how all of these transactions are broadcasted to the public, the creators have designed this method to deliver the decryption keys to victims who paid the ransom.

This is a step up from the previous c&c server strategy Bitcoin ransomware used. CTB-Locker would send information back to the creator’s own servers to confirm the payment, and that same route would be used to deliver the decryption key to the victim. But this is not the most reliable method and a new solution had to be found.After all, why not use the Bitcoin blockchain?

Related Post

The OP_RETURN field found within the Bitcoin source code makes this principle possible. This same function lets users include a message or other data with every transaction, and can easily hold a decryption key. Although these transactions are not validated by the blockchain – assailants create bogus tx on purpose – it is still recorded on the blockchain.

Once this step has been completed, the CTB-Locker ransomware will execute a script to scan the blockchain for the transaction history linked to the Bitcoin address used. The decryption key is extracted from the bogus transaction, and file access is restored. In a way, this system is elegant and kind of interesting, although it is being used for nefarious purposes.

Source: PC World

Images credit 1,2

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Aptos (APT) and Tron (TRX) Prices Slide, As Volume Soars For Rollblock Suggesting Parabolic Rally

As Aptos and Tron prices take a recent downturn, the spotlight shifts to Rollblock, whose…

6 hours ago

Altcoins to Watch in November: Binance Coin (BNB), Rollblock (RBLK), and Neiro (NEIRO)

As the crypto markets roll into their most bullish time of year, we present three…

6 hours ago

Analysts Forecast $1 for Cardano and Lunex Network As Dogwifhat Plunges To Former Lows

As the crypto market prepares for a major rally, experts believe that two top altcoins,…

6 hours ago

Retail Traders Panic Sell During ‘Fake Dip’; Whales Hold Tight to SOL, DTX, and SHIB for a Millionaire-Maker Bull Run

Solana (SOL): A Strong Ecosystem Despite Volatility Solana (SOL) has been all over the place…

7 hours ago

Llama 3.2 Predicts Price For Dogecoin: $2 Peak By 2025 And $5 Rally For DTX Exchange This Winter

Cryptocurrency trends are keen on the forecast that was recently released by Llama 3.2 model…

8 hours ago

Crypto Whale Sparks 8x Surge In $OPK Price with Massive Buy-in

A mysterious crypto whale, who previously invested 9,600 SOL into tokens $Pnut and $FRED, has…

9 hours ago