Flawed encryption logic used in Cl0p (Clop) ransomware’s Linux (ELF) variant has allowed SentinelOne researchers to create and release a free decryptor. “The [Cl0p] Windows variant encrypts the generated RC4 key responsible for the file encryption using the asymmetric algorithm RSA and a public key. In the Linux variant, the generated RC4 key is encrypted with a RC4 [hardcoded] ‘master-key’,” the researchers explained. The differences between Windows and Linux variants The Linux Cl0p variant is … More
The post Released: Decryptor for Cl0p ransomware’s Linux variant appeared first on Help Net Security.
