News Overview
- A security researcher, Yohanes Nugroho, developed a tool to decrypt Akira ransomware’s files using brute-force techniques powered by cloud-based GPUs.
- The decryption process required 16 high-end RTX 4090 GPUs, which reduced the time required to break the encryption to about 10 hours at a cost of $1,200, cheaper than paying the ransom.
- The decryption tool is now publicly available for others affected by the ransomware to use.
Original article link: One of the most powerful ransomware hacks around has been cracked using some serious GPU power
In-Depth Analysis
- Akira Ransomware Encryption: Akira ransomware uses a sophisticated encryption scheme that generates a unique key for each file based on timestamps and then encrypts that key with RSA-4096. The encrypted key is appended to the file, making the file difficult to recover without the correct decryption key.
- Brute Force Decryption: Nugroho’s tool uses brute-force methods, analyzing logs and metadata to pinpoint the correct keys. GPU models like the RTX 3060 and 3090 initially proved inefficient, but switching to 16 RTX 4090 GPUs in the cloud gave a significant performance boost, cracking the encryption in just 10 hours.
- Cost-Efficiency: The total cost for the GPU-powered decryption process was approximately $1,200, which is far less than the ransom demands that victims often face. The decryption tool was also shared on GitHub, allowing other victims of the ransomware to access the tool for free.
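Added example (not Nugroho's tool and not Akira's actual algorithm): a toy model of why keys derived from timestamps can be recovered by search, and why logs and metadata that narrow the time window matter. The SHA-256 key derivation, the XOR stream cipher, the nanosecond resolution, the PDF header and every timestamp are assumptions constructed for illustration.

```python
import hashlib

MAGIC = b"%PDF-1.7\n"  # known plaintext: file-format header (constructed sample)

def derive_key(ts_ns: int) -> bytes:
    # Toy KDF (assumption): the per-file key is a hash of one nanosecond timestamp.
    return hashlib.sha256(ts_ns.to_bytes(8, "little")).digest()

def xor_stream(key: bytes, data: bytes) -> bytes:
    # Toy stream cipher (assumption): SHA-256 in counter mode; encrypts and decrypts.
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hashlib.sha256(key + off.to_bytes(8, "little")).digest()
        out += bytes(b ^ k for b, k in zip(data[off:off + 32], block))
    return bytes(out)

def candidates(window_s, resolution_ns: int = 1) -> int:
    # Number of seeds to try for a given uncertainty window.
    return int(window_s * 1_000_000_000) // resolution_ns

def recover_seed(ciphertext: bytes, start_ns: int, end_ns: int):
    # Try every timestamp in [start_ns, end_ns); accept the seed whose key
    # turns the first bytes back into the expected file header.
    head = ciphertext[:len(MAGIC)]
    for ts in range(start_ns, end_ns):
        if xor_stream(derive_key(ts), head) == MAGIC:
            return ts
    return None

def demo():
    secret_ts = 1_700_000_000_000_061_803  # constructed encryption time
    ciphertext = xor_stream(derive_key(secret_ts), MAGIC + b"constructed body")
    # Constructed log evidence: encryption began within these 100 microseconds.
    start = 1_700_000_000_000_000_000
    seed = recover_seed(ciphertext, start, start + 100_000)
    return seed, xor_stream(derive_key(seed), ciphertext)

if __name__ == "__main__":
    seed, plaintext = demo()
    print("recovered seed:", seed, plaintext)
    # Why narrowing matters: candidates per window at 1 ns resolution.
    for window in (1, 60, 3600):
        print(f"{window:>5} s window -> {candidates(window):,} candidates")
```

In this toy model a one-hour window at one-nanosecond resolution already holds 3.6 trillion candidates, so how tightly logs and file metadata bound the encryption time decides whether the search is feasible.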
Commentary
The success of this GPU-powered decryption effort highlights the growing role of advanced hardware in cybersecurity, particularly in the battle against sophisticated ransomware. By utilizing high-performance GPUs in cloud environments, researchers can tackle encryption methods that were previously thought to be unbreakable.
While this decryption tool provides a cost-effective solution to affected victims, it also raises questions about the future of ransomware defenses and whether similar tools could be used for other types of encryption. However, relying on such brute-force methods is not practical for all victims, especially those without the technical know-how or financial resources to access powerful GPU services.
This breakthrough underlines the importance of having robust backups and security measures to prevent ransomware attacks in the first place.