Share:

  • Facebook
  • Hacker News

Follow:

  • Twitter
  • RSS
DoesWhat

Your holiday snaps… up for ransom

Let us set the scene. You’ve got the family around and your computer is all set up to show off your holiday snaps. As you open the directory, something doesn’t feel right. Thumbnails aren’t appearing and your images have been renamed from “BEACH08.JPG” to “BEACH08.JPG._CRYPT”. You then notice a new file named “!_READ_ME_!.txt”, after some deliberation you decide to open this mysterious text file… you realise after reading that you have been e-blackmailed,

“Your files are encrypted with RSA-1024 algorithm. To recovery your files you need to buy our decryptor. To buy decrypting tool contact us at: [email protected]

That’s enough scene setting… This process means that your computer has been infected with an upgraded version of the Gpcode virus, this new version is the Gpcode.ak. RSA-1024 means 1024-bit encryption which is enough to get the secret services scratching their heads. Basically this is the webs answer to blackmail.

The original virus used a 660-bit encryption which was eventually cracked by Kaspersky Labs found this new ‘strain’ of the virus which had taken the virus programmer two years to better equip the virus. The virus’ encryption algorithm has been improved from 660-bits to 1024-bits and previous bugs in the code have been fixed.

It is thought that it would take 1 PC with a 2.2 Ghz processor around 30 years to crack a 660-bit key. This is why currently Kaspersky is unable to crack the updated 1024-bit key. This means that currently the only way to decrypt these files is to receive the private key from the malicious coder. However Kaspersky recommends that you contact at [email protected] and not the blackmailer.

The answer is to back-up regularly as the virus will encrypt your photos, documents, spreadsheets and anything it can get its hands on that it thinks may have some worth to you.

Is this the future of virus’? It’s certainly a more risky option for malicious coders, but more attractive due to the possible earnings which could bring greater satisfaction than writing virus’ that carry out attacks with no financial gain.

Please note that this isn’t an epidemic and as long as you keep updating your anti-virus you should have no issues.

  • Facebook
  • Twitter
  • Tumblr
  • StumbleUpon
  • Reddit
This entry was posted on Friday, June 6th, 2008 at 1:46 am GMT. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
«



Quick links

Print | Email this story

You might also like

  • redsetter

    has it be cracked yet?

  • http://doeswhat.com DoesWhat

    It’s unlikely that it has been cracked as of yet.

Most Popular


Recent Articles

Where do you see Fanatix in 5 years time?

We think that every sports app, sports media app, sports betting app, etc... will all require an intelligent group messenger technology so we'd...
Will Muirhead (Fanatix)

Will Muirhead
Fanatix

Continue reading

What made you decide to start working on Pegby?

As a software developer, over the years I grew more and more dissatisfied with the tools that were available...
Stephen Starkey (Pegby)

Stephen Starkey
Pegby

Continue reading

Have your products got the feedback and growth you expected since launch?

I mean we’ve always shot big and worked hard on developing the best SEO software around but we couldn’t imagine having 380k customers simply because...
Viktar Khamianok (Link-Assistant.Com)

Viktar Khamianok
Link-Assistant.Com

Continue reading

You believe that to fail is to succeed. What failures have helped you succeed?

I played tennis for 14 years every day. After college, I played professional tennis tournaments in Europe for 5 months. I did not manage to get better than 1300...
Flaviu Simihaian (eval.me)

Flaviu Simihaian
eval.me

Continue reading

Copyright © DoesWhat 2008-2012
Hosted by PinchHost and powered by WordPress