The 2016 Pwnie Nominee For Best Backdoor

No Name Ransomware

Credit: Utku Sen & demonslay335

It is tragic when software vendors ship backdoors to their customers, but less tragic when that software is an open-source ransomware example copypastad into active malware. In March of 2015, Utku Sen and demonslay335 noticed that a particularly dumb flavor of criminal had copied the EDA2 open-source ransomware when building their custom version. Unsatisfied with business-like threats and demands for payment, the “author” of this malware made a series of silly claims, the least of which was that “Best Buy will have no ability to undo the encryption. Hell, even the NSA probably couldn’t undo it. Well maybe they could, but I suspect you won’t be a high priority for their computation clusters for at least a couple of years.” Now, ignoring why anyone would think of Best Buy in this situation (maybe the author was a 30-something resident of the US?), this whole sham came falling down when the EDA2 developers publicized the backdoor and published a list of decryption keys. Hurray for open source!
