RSA ransomware

Newly-detected ransomware called CryptoBit uses both AES and RSA crypto.

PandaSecurity researchers Alberto Moro, Abel Valero, and Daniel Garcia say the ransomware uses AES encryption, then uses RSA encryption to encrypt the AES key.

It's not all done perfectly: the trio say "we notice the absence of calls to the native libraries that encrypt files using the RSA algorithm … CryptoBit uses a series of statically compiled routines that allow you to operate with large numbers - 'big numbers' - making it possible to reproduce the RSA encryption algorithm,"

The team says the ransomware is otherwise impressive in its ambition to use "serious cryptography".®