New Ransom-Ware Virus Resurfaces
Kaspersky Lab is warning that a new variant of a previous virus attack is under way, and those who fall victim will find their computer files held for ransom.
June 9, 2008
Kaspersky Lab is warning that a new variant of a previous virus attack is under way, and those who fall victim will find their computer files held for ransom.According to a recent bulletin from antivirus software maker Kaspersky, a new variant of Gpcode, Gpcode.ak, is on the loose. This hunk of malicious code will encrypt a wide range of files -- DOC, TXT, PDF, XLS, images, and other file types -- and then demand a "ransom" payment for the key necessary to decrypt the files.
From Viruslist.com:
"However, although we detect the virus itself, we can't currently decrypt files encrypted by Gpcode.ak -- the RSA encryption implemented in the malware uses a very strong, 1,024-bit key.
The RSA encryption algorithm uses two keys: a public key and a private key. Messages can be encrypted using the public key, but can only be decrypted using the private key. And this is how Gpcode works: it encrypts files on victim machines using the public key that is coded into its body. Once encrypted, files can only be decrypted by someone who has the private key -- in this case, the author or the owner of the malicious program.
"
Unfortunately, while the company can detect all known versions of Gpcode, Kaspersky says it doesn't have any information about how users are getting infected.
A couple of years ago, Gpcode had relied on a much lighter 660-bit key, and Kaspersky was able to decrypt infected files. That's unlikely to be the case with the stronger 1,024-bit key.
The good news is that, so far, antivirus companies don't seem to be sounding the alarm, which means this virus isn't spreading rapidly.
About the Author(s)
You May Also Like
Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024