[cryptography] Rocra malware targets files encrypted by Acid Cryptofiler

Alexander Klimov alserkli at inbox.ru
Thu Jan 17 13:02:32 EST 2013

On Wed, 16 Jan 2013, Kevin W. Wall wrote:
> 	... the campaign deploys malware to steal sensitive information,
> 	including files encrypted by Acid Cryptofiler, classified software
> 	used to safeguard confidential data maintained by such organizations
> 	as the European Union, the North Atlantic Treaty Organization (NATO)
> 	and European Parliament. ...
> I'm guessing that means that this Acid Cryptofiler is some
> severely flawed crypto software (or was written by the NSA and
> has some back door or side channel).

Usually, if one has a Trojan on the computer that is used to process 
encrypted data, then the Trojan has access to the plain text whether 
the encryption was flawed or not. In this scenario the encryption is 
just a hint to attacker which data is considered confidential.


More information about the cryptography mailing list