in context: Akira is a dangerous, multipletform ransomware threat that is active since 2023. The script is available for the script kidneys and cyber criminals as a rangesmware-e-sarvis product, Malware has targeted over 250 outfits and earned up to $ 42 million for its unknown developers.
An Indonesian programmer, Yohanus Nugaroho, who works on personal coding projects in his free time, developed “Dikrypter” for Akira Rainmware. The device employs a novel approach to solve a complex mathematical problem, which exploits the high equality of the modern GPU to test millions of major combinations in a very short deadline.
Nugroho documented his journey through Akira’s file-encrypting code on its private website. He joined with a friend’s Linux version to help a friend. On analyzing the code, Nugroho found that the ransomware uses the current time as a seed to generate strong encryption keys.
The encryption process dynamically generates unique key to each file, using four different -different timestamp seeds with “nanocycond prohibition”. These keys are then performed through 1,500 rounds of the SHA-256 function. Finally, the key is encrypted using the RSA-4096 algorithm and attached to the end of each encrypted file.
The extreme precision of the encryption of Akira makes the decrying work complex and tedious, as malware can generate more than one billion potential values per second. However, Nugroho’s work was easily thanked for the log files provided by his friend. With this data, he was able to determine when the ransomware was executed, allowing him to prepare an encryption benchmark, so that it would be estimated how much time the dikipter would take.
Nugroho initially tried to carry out a brute-force attack on Geforce RTX 3060, but GPU was very slow, processing only 60 million combinations per second. Upgrading to a high -level GPU (RTX 3090) did not improve the speed significantly, so they decided to rent GPU time via Cloud Services Runpod and Vast.Ai. Using 16 RTX 4090 GPU in Cloud, Nugroho was able to complete the benchmark process in only 10 hours.
Nugroho notes will be an excellent choice for decrying the files compromised by GeForce RTX 4090 Akira Rancemware, thanks to its high number CUDA core and relatively low fare price. The developer has provided its code under an open-source license, encouraging “GPU experts” to detect and adapt opportunities. In its current form, the Akira Dikrypter can achieve about 1.5 billion encryption per second for Kcipher2 at a Geforce RTX 3090.
