Browse > Article
http://dx.doi.org/10.13089/JKIISC.2018.28.2.339

Study on Cryptographic Analysis of Erebus Ransomware  

Kim, Soram (Dept. of Financial Information Security, Kookmin University)
Kim, Jihun (Dept. of Financial Information Security, Kookmin University)
Park, Myungseo (Dept. of Financial Information Security, Kookmin University)
Kim, Daeun (Korea Internet & Security Agency)
Kim, Jongsung (Dept. of Financial Information Security, Kookmin University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.28, no.2, 2018 , pp. 339-346 More about this Journal
Abstract
Ransomware is a malicious program that requires money by encrypting data. The damage to ransomware is increasing worldwide, and targeted attacks for corporations, public institutions and hospitals are increasing. As a ransomware is serviced and distributed, its various usually emerge. Therefore, the accurate analysis of ransomware can be a decryption solution not only for that ransomware but also for its variants. In this paper, we analyze a cryptographic elements and encryption process for Erebus found in June, 2017, and investigate its cryptographic vulnerability and memory analysis.
Keywords
Ransomware; Erebus; Vulnerability;
Citations & Related Records
연도 인용수 순위
  • Reference
1 RanCert, "2017 Ransomware Infringement Analysis Report," 2017-A-0201, Feb. 2017
2 NOMORERANSOM, "https://www.nomoreransom.org/ko/partners.html"
3 Trendmicro, "https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/erebus-linux-ransomware-impact-to-servers-and-countermeasures"
4 armMBED, "https://tls.mbed.org/aes-source-code"
5 AhnLab, "ASEC REPORT," pp. 1-21, Vol. 87, Apr. 2017
6 AhnLab, "Recent Ransomware Trend Analysis," pp. 1-43, Jan. 2017
7 ESTSecurity, "http://blog.alyac.co.kr/1204"
8 ESTSecurity, "http://blog.alyac.co.kr/676"
9 ESTSecurity, "http://blog.alyac.co.kr/1105"