It’s high time the Crypto Girl talks about Crypto, isn’t it?
A few days ago, I analyzed a malicious Opera Updater, named SymbOS/OpFake.A!tr.dial, and was surprised to discover it uses a 91-byte XOR key to conceal one of its configuration file. 91 bytes?! Yes, bytes, so 728 bits. This is quite a lot. AES only uses keys up to 256 bits, though I do not mean it would be less secure than this XOR. But it is a first for mobile malware where we had only seen XOR used with a single byte key. Have a look at the disassembled decryption routine below.
Actually, this is another confirmation to my talk at RSA Conference Europe, where I explained that 1-byte key XOR encryption is still very popular among malware authors but that they are gradually shifting to more complicated algorithms. Actually, I had meant algorithms such as AES 😉 but a 91-byte key for XOR is another way of complicating things… Feel free to check my slides or the demo video below.
Fortunately, for SymbOS/OpFake.A!tr.dial, the key was provided at the beginning of the encrypted file. First the key length (0x5b = 91), then the key, then the ciphertext.
– the Crypto Girl
References: F-Secure’s blog post on OpFake
Leave a reply