Exploitation of the Vulnerabilities of Hive Ransomware for Finding the Private Key

EasyChair Preprint 10069

21 pages•Date: May 12, 2023

Nunzio Amato, Riccardo Di Pietro and Stefano Zanero

Abstract

The spread of ransomware has become one of the major sources of cyber risk in recent years. Once installed on a machine, this type of malware encrypts victim's files and demands a ransom for the decryption key needed to regain access to the locked assets. The cost required for data recovery is very high and many companies do not have the funds to pay it. In this paper, we analyze the Hive Ransomware (version v5, v5.1, v5.2) and study its vulnerabilities during the generation of the private key used for encrypting the master key. By using these weaknesses, we provide a tool for all companies infected with this type of malware so that they are able to recover their data without the need to pay the ransom.

Keyphrases: Nonce, frequency, private key

Links:

https://easychair.org/publications/preprint/lHp6

BibTeX entry

BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:

@booklet{EasyChair:10069,
  author    = {Nunzio Amato and Riccardo Di Pietro and Stefano Zanero},
  title     = {Exploitation of the Vulnerabilities of Hive Ransomware for Finding the Private Key},
  howpublished = {EasyChair Preprint 10069},
  year      = {EasyChair, 2023}}

Download PDF Open PDF in browser