It’s no secret that malware authors, particularly of specialized, targeted malware and ransomware, use encryption to aid in hiding functionality of code, as well as data like email and server addresses, IPs, and much more.
Due to this, it’s useful to learn about encryption. Python also happens to be the scripting language of choice these days (it’s used for Immunity Debugger and IDA Pro too), so I’ve been spending this past week getting caught up on Python and combining that with cryptography practice. I’m following along in the book Hacking Secret Ciphers With Python, by Al Sweigart 1 .
This book is a very gentle introduction to cryptography, but relevant none the less. It is more of an introduction to Python for me to freshen up… After all, it’s been since I was 11 or 12 years old since I used the language… Though it’s not known for being particularly complicated.
On a more serious note, I’m reading the book Applied Cryptography by Bruce Schneier 2 as my real “Introduction to Cryptography” text and it is certainly a lot more detailed and involved in cryptography than the Python book. Next on the reading list in this variety will be Cryptography Engineering: Design Principles and Applications 3 .
Cryptography is a fascinating field and it goes hand-in-hand with privacy, infosec, and even malware; all of which I am heavily interested in. For example, attacking cryptography can lead to the reversal of ransomware, as demonstrated by Emsisoft’s Fabian Wosar 4 on the HERMES ransomware. I highly recommend these books and will be returning to my regular malware analysis posts in the near future, with the added benefit of being able to write up some Python scripts to attack malware crypto.