Kaspersky Lab has added more detail on the fiendish ‘Onion’ (aka 'Critroni') ransom Trojan that uses the Tor anonymity service to hide its command and control (C&C) as well as displaying a level of thoughtfulness about its encryption design that bodes ill for future attacks.
CryptoLocker was bad but with the program that kicked off the peak of the ransom malware age now largely neutered thanks to police intervention the criminals have already moved on to the next set of innovations.
As Kaspersky researcher Fedor Sinitsyn explains, recent crypto malware will use a cunning mixture of public key (i.e. asymmetric) RSA encryption to generate a primary key used to encrypt the AES (i.e symmetric) key used to scramble each file on a victim’s system.
That’s already quite a grown-up if logical way to attack a user’s PC because it means that even with huge amounts of processing horsepower the symmetric key can’t be attacked because anyone doing this will first have to get hold of the criminal’s private key.
Onion could have used RSA or Diffie-Hellman for the public key encryption part of its nastiness but the criminals behind it decided to showboat a bit and use the more advanced Elliptic Curve Diffie-Hellman (ECDH) instead. The significance of this? Kaspersky’s blog on the topic dodges that but the over-riding reason must have something to do with the key efficiency of elliptic curve.
Securing a 128-bit AES key using RSA would ideally require a 3,072-bit key; doing the same using ECDH drops that to 256-bits. Put another way, the same level of security can be reached with fewer cycles. The temptation for anyone exploiting this aspect of ECDH would be, one assumes, to ramp up the key sizes to boost security even further.
Or it could be that the criminals are testing their smarts for a new generation of crypto malware that will up the ante to silly levels far beyond law enforcement. That suggests a wider interest beyond conning consumers and small businesses out of a heap of Bitcoins, the currency demanded by Onion.
To make matters worse, the designers of Onion repeated this ECDH design when encrypting the traffic to and from their server which itself is hosted inside Tor. Using Tor is to cover C&C is not new for botnets although none of the common ransom Trojans have tried this approach until Onion appeared.
There are pros and cons to this. Tor should in theory slow down to the to and fro of traffic but it also buys some time. Researchers will take a lot longer to trace C&C servers if they are hidden within Tor and for the criminals that is worth a lot for a business built on milking victims in days and weeks rather than months.
“Now it seems that Tor has become a proven means of communication and is being utilised by other types of malware,” said Sinitsyn, who believed that its use had proved successful.
“Hiding the command and control servers in an anonymous Tor network complicates the search for the cybercriminals, and the use of an unorthodox cryptographic scheme makes file decryption impossible, even if traffic is intercepted between the Trojan and the server, he added.
“All this makes it a highly dangerous threat and one of the most technologically advanced encryptors out there.”
So far, the Trojan seems to have been picked up at a relatively early part of its release so it is not invulnerable. The number of infected system in a handful of countries numbered only a few dozen, the firm said, although different variants probably also existed.
Ransom and encryption-based malware is going through a boom right now, spurred on by the toxic legacy of CryptoLocker’s success. When that was disrupted in June, police said that it might return in time. A more disturbing possibility is that it won’t return at all but a clutch of skilled imitators will.