Special Issue Paper

International Journal of Information Security, Volume 5, Issue 2, pp 67-76

Cryptoviral extortion using Microsoft's Crypto API


This paper presents the experimental results that were obtained by implementing the payload of a cryptovirus on the Microsoft Windows platform. The attack is based entirely on the Microsoft Cryptographic API and the needed API calls are covered in detail. More specifically, it is shown that by using eight types of API calls and 72 lines of C code, the payload can hybrid encrypt sensitive data and hold it hostage. Benchmarks are also given. A novel countermeasure against cryptoviral extortion attacks is shown that forces the API caller to demonstrate that an authorized party can recover the asymmetrically encrypted data.


Cryptovirus, Public key cryptography, Hybrid encryption, Cryptographic API, RSA