Ransomware Encrypts Victim Files With 1,024-Bit Key

-

Now more than ever, it's important that Windows users ensure their machines are safe from hackers/Linux users you do not need to worry about these things. A dangerous new strain of malicious software that holds the victim's computers files for ransom has been unleashed, and Kaspersky Lab is warning that security researchers have yet to crack the encryption key.

The malware in this case is the latest version of Gpcode (Kaspersky calls it Gpcode.ak), a nasty piece of "ransomware" - A cryptovirus, cryptotrojan or cryptoworm is a type of malware that encrypts the data belonging to an individual on a computer, demanding a ransom for its restoration- that scrambles all of the victim's data files with an encryption key known only to the attacker(s). Victims are told via a pop-up message that they need to purchase a special decryption program to regain access to their data.

Kaspersky and other anti-virus companies have previously unraveled the secret encryption key for all previous versions of Gpcode, but this time, the malware author apparently has learned from his previous mistakes. Now, the Gpcode author is encrypting victim files with an extremely strong 1,024-bit RSA encryption key.

"We estimate it would take around 15 million modern computers, running for about a year, to crack such a key," writes Aleks Gostev, senior virus analyst at Kaspersky, on the company's blog.

"The author has bided his time, waiting almost two years before creating a new, improved variant of this file encryptor. Gpcode.ak doesn't not repeat the errors found in previous versions of the virus."

Kaspersky said it's not clear yet how the ransomware is being spread. Once a system is infected and the files are encrypted, it leaves the following message in a pop-up alert:

"Your files are encrypted with RSA-1024 algorithm.
To recovery your files you need to buy our decryptor.
To buy decrypting tool contact us at: ********@yahoo.com"

I don't see anyone but Kaspersky making a lot of noise about this virus, so my guess is that most of the victims are probably in Eastern Europe and Russia. But if your machine does get infected with Gpcode, Kaspersky wants to hear from you (so does Security Fix, for that matter). They're offering assistance to anyone victimized by this virus. Check out this link for more information.

The company also is trying to generate support for a collaborative effort to break the encryption key; check out the forum here. I wish Kaspersky luck with that, but I don't believe they will succeed. It is extremely fortunate for most users that this type of attack isn't more widespread, as it is likely that most victims will end up paying the ransom if they ever want their data returned.


Comments

Post a Comment

Popular posts from this blog

Access Pay sites without payment or authentication

-
Guys, This is to Access pay/registration required sites for free I do not know if this will work with every site on the internet plex. but it worked on many sites for me. All what you need to do, is to make your web browser distinguish itself as Google Bot All of us have seen Google returns search results that lead to sites that require a registeration ?, How googlebot index the site without a registration ? Many sites want their site indexed in google to recieve more hits and thus, make more money with advertisment on their site. Even more interesting is the following question: How do we use this to our advantage ? It is Simple , we need to disguise ourselfs as the googlebot, many sites will let you in without authentication/registration. The parameter we have to change is called the User Agent. The user agent defines the browser and version that you use. For example it would show Internet Explorer as your browser if you are using this one. You need to alter your Browser settings to t
Read more

116 Open Source Application that you can use

-
Below is a list of Open Source application that I used/tried/researched. Please share your experience with us and add your application as well. 3D Animation Editor 1. White_Dune This 3D modeler and animation tool allows users to read, display, and perform low-level editing tasks on VRML97 files. VRML97, which stands for "Virtual Reality Modeling Language," is the current industry standard for displaying 3D animations on the Web. Operating system: Linux/Unix, OS X, Windows. Address Book 2. Rubrica Written using GNOME and GTK+, Rubrica stores contact information as XML data. It can import/export from a variety of formats, including GnomeCard, KAddressbook, Evolution, and csv file format. Operating system: Linux/Unix. Audio Tools 3. Audacity Audacity allows users to record live audio, convert tapes and records to digital formats, or mix pre-existing digital audio tracks. Supported formats include Ogg Vorbis, MP3, and WAV sound files. Operating system: Linux/
Read more

Complete HD Image Backup, Acronis Open Source alternate

-
Image
This Post to complete on Ghost Open Source alternate . It is called SNAP Backup, Snap backup makes a complete backup of your HD to a central server, it support incremental,differential. List Of Features One Click to Perform a Backup Configurable Settings Runs on Most Platforms (Including: Mac OS X, Linux, Solaris, and Windows) Supports Multiple Languages Support all Operating Systems (Linux,Windows , Mac) I may say that is is Aconis Open Source Alternate Screen Shot of the Client is below Link for SNAP Backup Utility h3r3.  .
Read more