What Is a Syskey Attack?
Syskey itself is not malware, despite what many people think. In reality, Syskey is a program that used to be part of Microsoft operating systems to encrypt files. It is not present on Mac systems. It is nothing more than a utility that Microsoft made for its earlier operating systems. The name comes from the phrase “system key.” It could be found in Windows XP, Windows Vista, and Windows 7, the desktop operating systems that came out before Windows 10.
Before you can understand Syskey, you have to know what the SAM is. The Security Account Manager, or SAM, is a database that is built into all versions of Windows. The passwords for the computer's users are stored in this database in a hashed format. Hashing is a way to make sure that a password can’t be read by a program that shouldn’t be able to read it. It’s a security measure to stop people from getting your password. Hashed passwords are encrypted so that hackers and other cybercriminals can’t just read the SAM to get into a Windows computer.
The SAM is like a safe that keeps all of the Windows user passwords secure. The lock on the safe is Syskey. Since all locks can be opened with the right key, anyone with the right Syskey password can get into the SAM and see all the passwords in it. In the beginning, Microsoft let users protect the SAM by moving the Syskey, which was its encryption key, to a different place. That is, users could move the key off of the computer and onto another computer or a hardware device. This key could then be used to set up a password that would unlock the SAM.
What Is a Syskey Scam?
From 2010 on, Syskey was used in a lot of ransomware scams. People called these “tech support” scams. The typical Syskey scam would go like this: a hacker would trick a Windows user into giving them remote access to the computer. Most of the time, hackers did this by pretending to be IT or tech support workers from companies that were supposedly connected to Microsoft. Once the hacker has remote access, he or she can get into Syskey.
That would let the hacker lock the Windows user out of their own computer. The con artist would then ask for money to unlock the computer. Scammers have sometimes called Windows users who didn’t know what was going on. The callers told the owners that their PCs had “critical problems” that needed to be fixed right away. Users may get scared when they get these calls and then let people who claim to be tech support access their computers remotely. The hackers would then use Syskey to ask for credit card information.
It is possible to get back into a computer that is locked with Syskey without giving in to what the hackers want. But to do this, the whole system would need to be reset. A legitimate tech support technician can reformat the computer, which gives the user full access to the system again. But users may lose some or all of their information. During the reformatting process, users could lose important files, photos, or app data unless there is another copy somewhere else. Data loss can be kept to a minimum with a system restore point or a hard drive that is split into partitions.
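For defenders, the scam sequence described above (a remote-access session followed by Syskey being run) can be spotted in process-creation logs. The following is an added example, not code from the original page: the records are constructed and shaped like Windows Security event 4688, and the remote-tool watch list and 30-minute window are assumptions to tune for your environment.

```python
from datetime import datetime, timedelta

# Assumed watch list of remote-support binaries; adjust for your environment.
REMOTE_TOOLS = {"teamviewer.exe", "anydesk.exe", "logmein.exe"}
# Assumed correlation window between remote tool start and syskey.exe launch.
WINDOW = timedelta(minutes=30)

# Constructed sample records shaped like event 4688 (process creation).
SAMPLE_EVENTS = [
    {"time": "2016-03-01T10:02:11", "host": "PC-01",
     "NewProcessName": r"C:\Program Files\TeamViewer\TeamViewer.exe"},
    {"time": "2016-03-01T10:14:40", "host": "PC-01",
     "NewProcessName": r"C:\Windows\System32\syskey.exe"},
    {"time": "2016-03-01T11:00:00", "host": "PC-02",
     "NewProcessName": r"C:\Windows\System32\notepad.exe"},
    {"time": "2016-03-02T09:00:00", "host": "PC-03",
     "NewProcessName": r"C:\Windows\System32\SYSKEY.EXE"},
]

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def find_syskey_launches(events):
    """One alert per syskey.exe launch; 'high' if a watched remote tool
    started on the same host within WINDOW before it, else 'medium'."""
    alerts = []
    last_remote = {}  # host -> time the most recent remote tool started
    for ev in sorted(events, key=lambda e: e["time"]):
        when = datetime.fromisoformat(ev["time"])
        name = basename(ev["NewProcessName"])
        if name in REMOTE_TOOLS:
            last_remote[ev["host"]] = when
        elif name == "syskey.exe":
            seen = last_remote.get(ev["host"])
            recent = seen is not None and when - seen <= WINDOW
            alerts.append({"host": ev["host"], "time": ev["time"],
                           "severity": "high" if recent else "medium"})
    return alerts

if __name__ == "__main__":
    for alert in find_syskey_launches(SAMPLE_EVENTS):
        print(alert)
```

Any launch of syskey.exe is flagged because ordinary users rarely run it; the preceding remote session only raises the severity.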