According to Tom's Hardware, ransomware victims usually have two options: pay the ransom to recover their data or accept losing everything. However, a new method allows data to be decrypted without giving in to the attacker, simply by investing in enough graphics cards (GPUs). Blogger Tinyhack discovered a way to brute-force the encryption key (trying every possible key) of the Akira ransomware, one of the most prevalent malware families in the world, using GPUs, but the process consumes significant hardware resources. Using an RTX 4090 card, the decryption process can take up to 7 days. Meanwhile, using 16 GPUs running in parallel can reduce the time to about 10 hours.

By leveraging the computing power of multiple GPUs, it's possible to decrypt data without paying a ransom. However, not everyone has the resources and technical expertise to do so.
PHOTO: SCREENSHOT FROM WCCFTECH
The Akira malware uses the ChaCha8 and KCipher2 encryption algorithms and generates its keys from four timestamps accurate to the nanosecond. Because those keys can only fall within a narrow range (approximately 5 million nanoseconds, or 0.005 seconds), GPUs can brute-force them by trying every possible timestamp within this range until the correct key is found.
However, this method isn't always effective. For decryption to succeed, the encrypted data must remain intact: if a file is altered after infection, crucial timestamps may be lost. Additionally, if the data is stored on a network file system (NFS) instead of a local hard drive, server latency can make determining the exact time more difficult.
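The two paragraphs above describe a key search bounded by file timestamps and the way it fails once those timestamps change. The sketch below is an added example, not Tinyhack's tool and not Akira's real scheme: it narrows the problem to a single timestamp, and the SHA-256 key derivation, the XOR stream cipher, the sample file and the 200,000 ns demo window are all assumptions chosen so it runs in seconds on a CPU.

```python
import hashlib

def derive_key(ts_ns: int) -> bytes:
    # Stand-in derivation (assumption): key = SHA-256 of one nanosecond timestamp.
    return hashlib.sha256(ts_ns.to_bytes(8, "little")).digest()

def xor_stream(key: bytes, data: bytes) -> bytes:
    # Stand-in stream cipher (assumption), not ChaCha8 or KCipher2.
    stream = b""
    block = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + block.to_bytes(4, "little")).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))

def recover_seed(ciphertext: bytes, magic: bytes, mtime_ns: int, window_ns: int):
    """Walk backwards from the file's last-modified time, testing every
    nanosecond in the window against a known plaintext header."""
    head = ciphertext[:len(magic)]
    for ts in range(mtime_ns, mtime_ns - window_ns, -1):
        if xor_stream(derive_key(ts), head) == magic:
            return ts
    return None  # seed outside the window, e.g. mtime changed after encryption

# Constructed sample: a PDF-like file encrypted 123,456 ns before its mtime.
MAGIC = b"%PDF-1.7"
PLAINTEXT = MAGIC + b"\n(constructed sample document body)"
MTIME_NS = 1_742_000_000_000_000_000
SEED_NS = MTIME_NS - 123_456
CIPHERTEXT = xor_stream(derive_key(SEED_NS), PLAINTEXT)
WINDOW_NS = 200_000  # demo window; the article cites about 5,000,000 ns

if __name__ == "__main__":
    seed = recover_seed(CIPHERTEXT, MAGIC, MTIME_NS, WINDOW_NS)
    print("recovered seed:", seed)
    print(xor_stream(derive_key(seed), CIPHERTEXT))
    # Same file after its mtime was altered by one second: the window misses.
    print("after mtime change:",
          recover_seed(CIPHERTEXT, MAGIC, MTIME_NS + 10**9, WINDOW_NS))
```

The second search returns nothing because the anchor timestamp moved, which is why affected files should be preserved untouched before any recovery attempt.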
Due to the enormous processing demands, compromised organizations may need to rent GPU servers from services like Runpod or Vast.ai to speed up decryption. One Tinyhack customer took approximately three weeks to decrypt all infected data using this method.
Finding a way to decrypt ransomware without paying a ransom is a significant step forward in cybersecurity. However, the cost of implementing this method remains high, requiring either investment in a powerful GPU system or a significant time commitment. Meanwhile, those behind the ransomware may soon find ways to patch this vulnerability, rendering decryption impossible.
No matter how powerful the tools are, the most effective security factor still lies with people. Equipping yourself with cybersecurity knowledge, backing up data regularly, and implementing preventative measures are the best ways to avoid being forced to choose between paying a ransom and spending tens of thousands of dollars on hardware to decrypt your data.
Source: https://thanhnien.vn/tra-tien-cho-hacker-hay-nang-cap-gpu-de-be-khoa-ma-doc-185250318012318626.htm





