Hello, welcome to the Tuesday, July 26, 2016 edition of the Sansa and Storm Center's StormCast.

My name is Johannes Ulrich, and I'm recording from Jackson, Florida.

DDA today continues his fantastic series on how to deal with Python Malver.

Again, this is a Python code that uses Pi installer in order to create an executable.

Today, Did he did add another layer of obfuscation here where he actually had embedded Python bytecode

that then was run inside the Python script now in order to actually decompile all

of this you need to add the special Python bytecode header so it's going to be

recognized by Python decompilers and once you prepend the right 8 bytes here, Python decompilers should

have no problem decompiling the code.

And yesterday I mentioned PowerBer, the fairly basic crypto ransomware that does try to extort

money from victims by claiming to be lucky.

Well, I also mentioned that there's a decryption tool but didn't actually link to it.

I'll do that today in the show notes.

So if you run into Powerware, Palo Alto's Unit 42 did release a decryption tool written in Python and

it's published on GitHub and you will find the link to it in my show notes.

And if you're looking for decryptors for any other ransomware, it has always been difficult to track down individual decryptors.

A new website, no more ransom.org, does have links to all of the different decryptors

that have been published for various versions of ransomware. So take a look at the site if you are getting infected and hopefully

you'll find the cryptor for whatever hit you there. It also includes a feature they call

Crypto Sheriff, which essentially you just upload an encrypted file to and then it attempts to figure out what kind of ransomware

you got infected by and whether or not there is a decryption solution available.

And Team Panku, a Chinese team that deals with iOS jail breaks, has released an app that will jailbreak all current versions of iOS,

...