Sneaky Blackmailing Virus That Encrypts Data
BaCa writes "Kaspersky Lab found a new variant of Gpcode which encrypts files with various extensions using an RSA encryption algorithm with a 1024-bit key. After Gpcode.ak encrypts files on the victim machine, it changes the extension of these files to ._CRYPT and places a text file named !_READ_ME_!.txt in the same folder. In the text file the criminal tells the victims that the file has been encrypted and offers to sell them a decryptor. Is this a look into the future where the majority of malware will function based on extortion?"
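The two on-disk markers named in the summary above (the `._CRYPT` extension and the `!_READ_ME_!.txt` note) are enough to triage a disk folder by folder. The sketch below is an added example, not part of the original story or any vendor tool; the function names, the case-insensitive suffix match and the three verdict labels are assumptions.

```python
import os
import tempfile
from collections import defaultdict

NOTE_NAME = "!_read_me_!.txt"   # ransom note name from the summary, lower-cased
CRYPT_SUFFIX = "._crypt"        # extension from the summary, lower-cased


def scan_tree(root):
    """Walk root and group the two markers by folder.

    Returns {folder: {"note": bool, "encrypted": [file names]}} for every
    folder that holds at least one marker. Only names are inspected.
    """
    hits = defaultdict(lambda: {"note": False, "encrypted": []})
    for folder, _dirs, files in os.walk(root):
        for name in files:
            lowered = name.lower()
            if lowered == NOTE_NAME:
                hits[folder]["note"] = True
            elif lowered.endswith(CRYPT_SUFFIX):
                hits[folder]["encrypted"].append(name)
    return {f: {"note": h["note"], "encrypted": sorted(h["encrypted"])}
            for f, h in hits.items()}


def classify(entry):
    """Verdict labels are assumptions made for this example."""
    if entry["note"] and entry["encrypted"]:
        return "likely-infected"        # both markers together, as described
    if entry["encrypted"]:
        return "renamed-files-only"     # weak: a rename alone produces this
    return "note-only"                  # note left behind, files moved or restored


def report(root):
    """Sorted (relative folder, verdict, encrypted-file count) tuples."""
    rows = []
    for folder, entry in scan_tree(root).items():
        rows.append((os.path.relpath(folder, root),
                     classify(entry),
                     len(entry["encrypted"])))
    return sorted(rows)


def build_sample_tree(root):
    """Constructed sample data: empty files that only carry the names."""
    layout = {
        "docs": ["budget.xls._CRYPT", "thesis.doc._CRYPT",
                 "!_READ_ME_!.txt", "notes.txt"],
        "photos": ["holiday.jpg._crypt"],
        "music": ["song.mp3"],
        os.path.join("docs", "old"): ["!_READ_ME_!.txt"],
    }
    for sub, names in layout.items():
        os.makedirs(os.path.join(root, sub), exist_ok=True)
        for name in names:
            open(os.path.join(root, sub, name), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for folder, verdict, count in report(tmp):
            print(f"{folder:12} {verdict:20} {count} file(s)")
```

Folders that show only one of the two markers deserve a manual look before anything is restored over them.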
Question is, does the encryptor rewrite the data in-place, or just encrypt to a new file then delete the original? If the latter, the data is still recoverable with a simple undelete utility.
I wonder if there will be tools / services that would be able to hammer at (or otherwise crack) the 1024-bit encryption and find the key.
Does anyone know how bad this might be from a computational-power standpoint?
Seriously. In order for extortion to work, money has to change hands. Money can be traced, easily (don't believe what they say about Western Union). This is a great way to track down and capture the people who are spreading the virus. And the people whose files are encrypted could as easily have seen those files deleted, or worse. So it's no difference to them, except that they now have a hand in putting a crook behind bars.
The virus tossers are actually making their situation worse by turning to extortion. But they weren't all that bright to start with.
I don't know! Stop asking me those questions all the time. Is it obligatory to end every blurb with a question, or what?
The trust issue is that there is fundamentally no reason for the person receiving the money to follow through and send you the private keys to decrypt the data. If it was a known person, they'd be arrested, and since they're unknown there is no "reputational" factor that would make people more likely to pay based on the experience of others.
Just another moron criminal scheme from some douchebag who thinks he's found a get rich scheme. Just like other "genius" criminals, the fact is that the professionals in the field are smarter than the criminals.
This same thing happened in the late 80's (or maybe early 90's). Some hackers mailed a 5.25 inch floppy with some "free" software on it to thousands of people around the world. When you installed the software, it would hijack your PC and encrypt various files and you had to pay a ransom to get it back. There was a EULA and everything with the disk (which of course nobody read) which made it clear what would happen if you installed the disk. Perhaps someone can remember what it was called.
At least now the owners of bot controlled machines will have a clue that their machines are bot controlled. And maybe we'll see fewer bot controlled machines.
One can only hope.
Have people not heard of this before? I'm not trying to be an ass, but it's not like this is new.
It doesn't exist.
If you back up regularly (and if you don't, what the hell are you thinking -- hard drives last forever?) then this is a non-issue. Yawn.
The virus can't encrypt the files stored on a DVD-R :)
Although since I use Linux, I'm still too lazy/dumb to follow the backup advice (and trust me, I've been hit badly before simply for having no recent backups, no lectures needed).
Give us one million dollars or you never see C:\WINDOWS\system32\sol.exe again!!!
Joe User: Someone set us up the encryption. We get no data. Readme file turn on.
Jack Hacker: How are you gentlemen? All your data are belong to us.
I'm not going to worry about this.
I'm sure the fine folks of our Government are watching everything that happens on my computer & will promptly decrypt my files for me using their built-in back doors.
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
My computer was infected by this virus... luckily all my files were already encrypted so all it did was make plain-text versions of everything and leave me a file asking for a donation
Maybe it will not surprise you to know that Geek Squad is behind this scam. They will never try to collect extortion money as their real target revenue is the 65 dollar check-up fee they will get when consumers bring their computers in to find out what has gone wrong. Of course, the fee is higher if you don't have extended warranty, or if you installed your own antivirus software.
Of course I could be wrong.... but it's a thought
Support NYCountryLawyer RIAA vs People
Viruses up to date have been using conventional encryption, with the obvious problem that the key is found in the virus. If only general population improves their computer literacy in proportion to malware writers, headlines such as this one will become the thing of the past.
I am however disappointed that the author used only 1024 bit key length, which is no longer recognized as unconditionally secure. Hopefully he or she at least generated a secure random seed for the key pair.
This sounds like a straightforward implementation of cryptoviral extortion. Hopefully, the authors made some stupid mistake (like using the same key everywhere, or encrypting the data directly instead of doing it indirectly through a symmetric crypto key).
Still, the basic strategy remains viable, so the best opposing strategy would be to harden systems. Unix permissions won't help you here, since you usually have rights to write or alter permissions to stuff in your home directory. Backups would work (but only if you didn't change anything after the last backup), and so would default sandboxing/fine-grained security, or just not running suspicious apps (which amounts to a sort of "whitelist based security" where whatever not on the list gets zero privileges).
"We have encrypted your illegally copied music files. Put $5000 in unmarked bills in a plain brown paper sack and mail it to: RIAA Washington, D.C. no later than midnight tonight or you'll never listen to your music again"
Oh, this is going to be rich. These guys have read too much William Gibson. Unless the whole thing is a Joe-job trying to get some innocent (ish) third party in trouble, these folks are going to find it pretty damn hard to collect any money without being traced, and this is more than commonly illegal.
They can reverse engineer it, find out how it generates the encryption keys and reverse the algorithm - and crank out a utility that does it automatically. (Assuming it doesn't just write randomized data into the _CRYPT file and sucker you into sending them $ in hope of recovering what you lost, but at least then they would know the file is unrecoverable)
My rights don't need management.
If you look at the screen prints from the article, the stupid author decided to use a "@yahoo.com" e-mail address. Call me crazy but Yahoo is probably already monitoring that e-mail box after the AV vendors let them know--long before any $$$ changes hands.
Unfortunately, 2 years from now, some poor soul will get bit by this... By then the Yahoo e-mail address will be long-dead, and the key might still be known only to the author...
Windows 3.1x calc: 3.11 - 3.10 = 0.00
Home users have CD/DVD-R's, external disk backups, stuff stashed across multiple machines, System Restore, Time Machine (wait... OSX isn't affected by this, ne'ermind), things of that nature.
I suspect the script kiddies know this as well, since only someone who would fall for such a scheme would not have their vital files backed-up somewhere... even if it's stashed on another box somewhere in the house.
Quo usque tandem abutere, Nimbus, patientia nostra?
What if that country doesn't care?
1. Create hoax crypto extortion virus
2. Call for trade sanctions against Lower Bananastan
3. Ram the "criminalize crypto and authorize panoptic surveillance" (CCRAP) treaty through the G8
4. Profit^H^H^H^H^H^HAll our base belong to whitehouse.gov.
Phase two, would be paying for a botnet to do the number crunching to decrypt. It's 1024bit right, so with a large enough botnet that could be worked out in maybe a month - that's if every computer in the world was infected.
I've heard of companies getting their databases infected by viruses, and that's the sort of company that provides electronic transactions, so this seems like it has the potential to really screw some people over, obviously.
Why UNIX?
...the Casino Virus. Perhaps because of the similar concept of "holding data hostage".
The virus takes your FAT and stores it in RAM. Then lets you play a slot-machine game. If you win, you get your data back. If you lose, you lose your data. Some other combination of characters (in the slot machine) gives you the virus-writer's phone number.
Vivin Suresh Paliath
http://vivin.net
I like
This is data ransom, not blackmail.
Wouldn't shadow copies under Vista (Ultimate/Business) allow one to revert the changes?
Here's an idea... Instead of all of these AV vendors spending (between them) thousands of man-hours to find holes so they could reverse-engineer a way to decrypt such files, maybe they should create a multi-company "decryption slush fund". This fund would be there to buy decryption keys from virus authors, posing as lowly home users from da Intarweb. I can imagine such authors would offer to sell the keys relatively cheaply ($1000 - $10,000) to stay under the radar. (A $1 million ransom would even catch the attention of Nigerian authorities). Once the key is in-hand and it works, that key would be made public to the entire Internet and any additional decryption details shared with all member companies, for quick inclusion in updated AV/malware signatures.
Now, I'm personally against paying virus writers extortion money. But there are some huge positives. Such a fund would 1) minimize the potential income to such authors, 2) quickly end the threat within hours/days, 3) give law enforcement an opportunity to track the money trail... Of course, the negative is that authors could now author the same virus with new keys--but that's counteracted by the fact that such authors would want to "lay low" after putting out new viruses. (Put out new versions every day and someone will take notice...)
Windows 3.1x calc: 3.11 - 3.10 = 0.00
The big problem for the victim here is that RSA with a key that big can't be brute-forced in any sort of reasonable time on current computers. But what about using FPGAs, something like this?
Is RSA immune to these kind of solutions? As I understand it* the inherent parallelism of FPGAs makes them well-suited to this kind of thing
*based on Wikipedia and a single university course in VHDL coding.
Programmer: an ingenious device that converts caffeine into code.
http://en.wikipedia.org/wiki/Ransomware_(malware)
Encrypting your files for extortion has been around since 1989 http://en.wikipedia.org/wiki/PC_Cyborg_Trojan
Cryptoviruses have been around for a while
As it was pointed out by another poster, no, 1024-bit RSA is not sufficiently strong. Recent papers have demonstrated that factoring a 1024-bit key is now within practical reach. See for example this PhD dissertation from a student whose advisor was Shamir (the S in RSA FYI), which estimates that cracking a 1024-bit key would cost a few million US dollars.
Sure, at this point only a small number of organizations have a few million dollars to spare on cracking RSA, but this is beyond the point. The flaw is sufficiently serious that security standards are now recommending 2048-bit RSA keys minimum.
What I am talking about are relatively recent developments, it is not very well-known that 2048-bit is the minimum recommended length. This is why 1024-bit keys are still widely used everywhere. My bank (www.wellsfargo.com) uses a 1024-bit key...
From my understanding, malicious activities such as these are forbidden in a large number of countries that are in agreement with our own national interests. It is because of this that most of these problematic internet-related things come from countries that do not enforce or make efforts to stop these problems. I realize that much may be developed in countries that hold them illegal, but that they are implemented and introduced via networks in non-enforcing countries.
So what I'm asking criticism of is the idea that we should disconnect from those countries. In essence, forcing those countries to establish some form of network responsibility, or become alienated and disconnected.
I realize this ties closely to net neutrality and such, something that I embrace and promote. In a parallel concept, free speech is relatively 'free', but is limited to the point of obscenity. If we can, as a vast global majority, determine what is an internet-obscenity (metaphorically, of course), would it be appropriate to sever our connections until those areas/countries make efforts to control the obscene?
Way ahead of you. You'd be amazed how well AV companies work together.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
The weak point of this idea (apart from the fact that they stand a good chance of really pissing off a few million users and getting shot) is that it's very hard to drop a stick-up note on someone's computer and expect the payment not to be traced. You can bet that someone will go to jail for a nice long time if they request payment by Visa or Mastercard. Same goes for wire transfers, paypal and most other forms of payment. Even cash would cause problems as soon as the friendly Postwoman in Vladivostok realized that you were getting thousands of mysterious envelopes filled with cash from all corners of the globe.
I came up with this idea years ago but my proof fell apart with the pay-off method, always seemed like the perps would get caught. The other idea I had years ago was hardware piracy, people trading production files that would be used with 3d fabrication units to create new consumer products. Funny that, both ideas are quickly approaching reality.
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
Is this a look into the future where the majority of malware will function based on extortion?
The principal economic activity generated by malware is the virus scanner, firewall, intrusion detection business (and the spending on extra CPU, memory and bandwidth to offset their associated drag on performance). The only way this outlay of money keeps going into the virus scanner companies' pockets is if there are lots of new viruses all the time. Do you doubt that these "security" folks would act to protect their revenue stream? I bet that 80% of the new viruses are commissioned by the same people we pay to protect us from them.
In my opinion it's all nothing but extortion already.
They will bank on enough people not wanting their spouse/partner/children know they got the infection by installing a codec to let them view kiddie porn movies that they will pay up rather than ruin their lives by going to the police, or just not pay up, wipe the machine and claim it crashed. Oh dear. Chances are they won't actually send the decrypt key anyway, but if you were dumb enough to install their malware, you'll probably pay them anyway.
I thought of a virus along this line, but slightly different. What it would do is encrypt the data, decrypt on the fly until it is time to demand payment. All backups would have been encrypted too, if you have the correct hooks into the OS. I never tried it, since the dark side has a strong pull.
Fight Spammers!
Blackmail is threatening to reveal secrets, extortion is obtaining money through force or threat of force.
in Nigeria?
There are real banks in Nigeria, owned by the ruling ethnic group, that's where the billions of dollars from oil goes. The rulers get their money while those who live where the oil comes from, the Niger Delta, have to fight for scraps.
Falcon
Should there be a Law?
But there are shortcuts to factorization. ie, if a long number ends in 0 or 5, it is divisible by 5. If the digits add up to 9, it is divisible by 9, etc. There may be similar but far more obscure shortcuts for larger primes.
Now, I am not a cryptanalyst or mathematician, and I'm not clear on how RSA works, so bear with me. Suppose I were to generate a list of prime numbers. This only has to be done once. Now suppose I take each prime and multiply it by every other prime on the list. Now if there are n primes, there are going to be n^2 products. Let's say we only store the last ten digits of the product, along with which primes generated it. There's only going to be a handful of primes whose product gives those same last ten digits. So, if the RSA depends on being able to decide which primes a large number is composed of, then would I not just have to take the last ten digits of the large number, look up in my table to find the handful of primes that could multiply out to that, and just check those?
When our name is on the back of your car, we're behind you all the way!
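The lookup table proposed in the comment above can be built at a small scale and its buckets counted. This is an added example, not code from the thread: it uses three-digit primes and the last two digits (both assumptions chosen so it runs instantly), then estimates the bucket size for a 1024-bit modulus from the prime number theorem approximation pi(x) ~ x / ln x.

```python
import math
from collections import defaultdict


def primes_between(lo, hi):
    """Primes p with lo <= p < hi, found with a plain sieve."""
    sieve = bytearray([1]) * hi
    sieve[0:2] = b"\x00\x00"
    for i in range(2, int(hi ** 0.5) + 1):
        if sieve[i]:
            sieve[i * i::i] = bytearray(len(range(i * i, hi, i)))
    return [p for p in range(lo, hi) if sieve[p]]


def build_table(primes, digits):
    """Map the last `digits` digits of p*q to every pair (p <= q) producing them."""
    mod = 10 ** digits
    table = defaultdict(list)
    for i, p in enumerate(primes):
        for q in primes[i:]:
            table[(p * q) % mod].append((p, q))
    return table


def candidates(table, n, digits):
    """Pairs the table offers for a modulus n, looked up by its last digits."""
    return table.get(n % (10 ** digits), [])


def log2_pairs_per_bucket(modulus_bits=1024, digits=10):
    """log2 of the average number of prime pairs sharing one ending.

    Assumes both primes have modulus_bits/2 bits and uses pi(x) ~ x / ln x.
    """
    half = modulus_bits // 2
    ln2 = math.log(2)
    # pi(2^half) - pi(2^(half-1)), with 2^(half-1) factored out to stay in floats
    log2_primes = (half - 1) + math.log2(
        2 / (half * ln2) - 1 / ((half - 1) * ln2))
    log2_pairs = 2 * log2_primes - 1               # unordered pairs
    # endings a product of primes other than 2 and 5 can have: 4 * 10^(digits-1)
    log2_buckets = math.log2(4 * 10 ** (digits - 1))
    return log2_pairs - log2_buckets


if __name__ == "__main__":
    digits = 2
    primes = primes_between(100, 1000)
    table = build_table(primes, digits)
    n = 101 * 103                                   # constructed toy modulus
    hits = candidates(table, n, digits)
    print(f"{len(primes)} primes, {sum(map(len, table.values()))} pairs, "
          f"{len(table)} distinct endings")
    print(f"n = {n}: {len(hits)} candidate pairs share its last {digits} digits")
    print(f"1024-bit modulus, last 10 digits: about 2^"
          f"{log2_pairs_per_bucket():.0f} pairs per ending")
```

The ending of a product constrains only the endings of its factors, so the candidate list grows with the square of the number of primes while the number of possible endings stays fixed.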
If I send someone money, what keeps me from sending them a letter bomb with it?
“Common sense is not so common.” — Voltaire
The virus can't encrypt the files stored on a DVD-R
Oh! How I long for those halcyon days of yore when my backups actually fit on a DVD-R.
When our name is on the back of your car, we're behind you all the way!
I'll append a sarcasm tag next time. By the way, that bit of info is insanely depressing, and kind of made me feel a bit insensitive. Mod parent up.
The people bought Windows and in spite of the fact that better options exist, even MacOSX qualifies as better, they stay with Windows because they don't want to learn something new... at the core, they don't want to learn. They get what they deserve.
All your data are belong to us.
Are you insane
Do you think as soon as they have decrypted this virus they will stop colluding? Do you think the "savings" from this arrangement will be passed on to the consumer? The last thing we need is an "AVIAA" (Anti-Virus Industry Association of America) type organization ensuring that everyone is running a paid for version of AV regardless of Operating System or F/OSS alternatives available.
Calling someone a "hater" only means you can not rationally rebut their argument.
%x#OWwq[!9b`tIFqD=lM}%|.X@y0SocG:WX$LPDLKP(+x(SRx2#g8O`Bx-o`ciACE$kX=(/DT$^wz$r)84h0O*3)]3'gBx@=he=&hMBs&Mc#8H7?=y+cjXkD]X1JR!>f^GhJIWGk:
)=^[I7@4xp\hL;:K;0~AXc>ylxwZjs%oyDJR,~JAh3Nb] (AFsI=dg`uO[)%@5|C#|\*tc`:IDq-Y>>Wc+[`G3sU&}kgKl!M~~8^qo;OQ
>the Niger Delta
It's African-American Delta!
Sure, you don't save every daily incremental, but you need to keep permanent copies of full backups on, say, a monthly basis. Permanent as in: you're not too cheap to overwrite them when you run out of room. Otherwise you're not really backing your stuff up.
Backups are not forever, media fails as does hardware. The best thing to do is to make and keep multiple copies of backups, on different media or hardware. And if you have a lot of data, that may mean a number of external hdds. Then as new technology comes along transferring old backups to new media or hardware. Here's a story about a "Computer Tech Accidentally Erases Info on Alaska's $38 Billion Oil Fund". No problem they thought, they had a backup. The backup, tape, had 9 months of data yet it was unreadable, it linked to a Physorg.com article but articles "expires 15 days after original publication date."
Falcon
Should there be a Law?
If the person doing the backup has a couple of TB storage (like I think, most of the
The problem, is that the average user doesn't often invest in a multi-TB storage solution.
And a full OS backup is still definitely a lot of place, if that OS happens to be Vista.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
In theory AV companies say "... pay us money and we will release you of the infection..." From F-Secure's website ...
"F-Secure Anti-Virus can detect and decrypt files encrypted by Gpcode trojan as well as it can detect and remove the trojan's file. If you are hit by this trojan and your files are encrypted, please scan ALL files on your hard disk and they will be decrypted."
I know that they didn't put it there in the first place but there is some parallelism isn't there?
http://projectleader.wordpress.com
One of the original computer geeks in Los Angeles has been talking about this on his call-in radio show for years, explaining to both novices and pros alike why they should always back up their important files, preferably in multiple locations - on an external hard drive, or with a subscription to an online backup server. IDRIVE offers a basic online file backup service for free and a higher amount of storage space beginning at $5 a month. There's no excuse for anyone losing their data to this kind of a hacker, unless they're truly inexperienced computer users. Anyone reading /. on a regular basis should be tech savvy enough to take care of the business of protecting their personal and company data.
Just change random file's extension to ._CRYPT
Blackmail
Profit !!
The self-support model that is required for a zero-price Linux distro is often not acceptable in a corporate environment (unless they have internal IT that can provide the support). Which is why Red Hat Linux (and Suse and Oracle) continue to sell despite the existence of Centos. The best part is - while the price is non-zero (and generally too hefty for home use), the freedom is still included.
...reverse-engineer and analyze the code, and let us know what you find out...
Unless you have space for infinite backups, his method is right. At some point, you'll run out of space and have to delete old backups to make room for the new ones.
Yes, but you probably shouldn't delete the actual *oldest*. Backups should get sparser the older they get, but you should still have some ancient ones for precisely this reason (and others). The standard human algorithm is every day for a week, every week for a month, every month for a year, every year for a decade. Storage for last decade's backup is generally trivial.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
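The thinning schedule in the comment above (daily for a week, weekly for a month, monthly for a year, yearly for a decade) written out as a pruning plan. This is an added example, not code from the thread; the window lengths in days, the use of ISO weeks and the choice to keep the oldest backup in each bucket are assumptions.

```python
from datetime import date, timedelta

# (tier name, keep while younger than this many days, bucket function)
TIERS = [
    ("daily", 7, lambda d: d.toordinal()),
    ("weekly", 31, lambda d: tuple(d.isocalendar())[:2]),   # (ISO year, ISO week)
    ("monthly", 365, lambda d: (d.year, d.month)),
    ("yearly", 3650, lambda d: d.year),
]


def plan_retention(backups, today):
    """Return {backup date: [tiers that hold it]} for the backups to keep.

    Each tier keeps one representative per bucket, the oldest backup in it,
    so the representative does not change as newer backups arrive. A backup
    survives while at least one tier still holds it. Future-dated backups
    have a negative age and are therefore always kept.
    """
    dates = sorted(set(backups))
    keep = {}
    for tier, max_age_days, bucket_of in TIERS:
        representative = {}
        for d in dates:                       # ascending: first seen is oldest
            representative.setdefault(bucket_of(d), d)
        for d in representative.values():
            if (today - d).days < max_age_days:
                keep.setdefault(d, []).append(tier)
    return keep


def to_delete(backups, today):
    """Backups that no tier holds any more, oldest first."""
    kept = plan_retention(backups, today)
    return sorted(set(backups) - set(kept))


def oldest_clean_candidate(backups, today, suspect_days):
    """Newest kept backup taken before a suspected tampering window.

    suspect_days is how far back the files may already have been altered;
    returns None when every kept backup falls inside that window.
    """
    cutoff = today - timedelta(days=suspect_days)
    older = [d for d in plan_retention(backups, today) if d < cutoff]
    return max(older) if older else None


if __name__ == "__main__":
    # Constructed sample: one backup per day from 2008-01-01 to 2008-06-06.
    today = date(2008, 6, 6)
    backups = [date(2008, 1, 1) + timedelta(days=i) for i in range(158)]
    plan = plan_retention(backups, today)
    for d in sorted(plan):
        print(d.isoformat(), ", ".join(plan[d]))
    print(len(to_delete(backups, today)), "of", len(backups), "can be pruned")
    print("restore point before a 10-day window:",
          oldest_clean_candidate(backups, today, 10))
```

On the constructed sample, 158 daily backups thin to 15, and a restore point survives from before any tampering window shorter than the oldest yearly copy.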
It's a "false flag" attempt to frame some third party for extortion. It's quite possible that whoever programmed this knows damn well that there's no way he/she's going to make any money doing it.
unless it's also randomizing the keys the first time they sell a decrypter (assuming they actually do and don't just take your money) the anti-virus companies will get their hands on it and plug that into the 'clean' function for this virus.
I don't know how it works but I'd think a miscreant virus writer would use different keys and not the same key for each PC infected.
Falcon
Should there be a Law?
Click here for a write up of these two backup strategies.
Money can be traced, easily (don't believe what they say about Western Union). This is a great way to track down and capture the people who are spreading the virus.
I don't think it's as easy to trace money as you think. The extorter could have you wire transfer the money to a bank in the Caymans, which will then automatically transfer it to one in Russia, and with more transfers the money could end up in India. There a nobody could pick the money up from the bank and deposit it in another bank.
If money was so easy to trace then I'd think there wouldn't be many, if any, drug kingpins.
Falcon
Should there be a Law?
This makes it a little too easy:
1. Follow the money trail to the asshat (probably based in China or Russia).
2. Post the info on /.
3. I lead a mob of bored geeks to go beat the mustard out of this punk (and get the private key)
4. decryption algo posted on /.
5. everyone laughs at you, but at least you get your data back, and I get to crush someone's skull. everyone wins!
-Billco, Fnarg.com
This is the exact reason why only Governments should be able to use encryption. If bad people can use technology for bad things then that technology should be illegal.
Let's see, encryption, torrents, the Internet... heck let's just make computers illegal.
...easy-to-use backups, and/or the government tracking down the payments and busting the guy who receives it.
Of course, if you are just backing up to the hard drive, the virus will make sure to trash your backups. Better back up to a non re-writeable CD. Most people's unique data isn't that large. If it is, you should be doing nightly offsite backups anyway.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Everyone knows that every slashdotter is the foremost expert in any field being discussed.
This sounds like a situation where a rubber hose cryptographic attack sounds appropriate. This method is guaranteed to work, and only requires a minimum of an investment. Simply put, you track the guy down, bring along some rather large individuals, and beat him with a rubber hose until he gives you the decryption key. Much quicker, more effective, and more satisfying than a standard brute force attempt.
Instead of all of these AV vendors spending (between them) thousands of man-hours to find holes so they could reverse-engineer a way to decrypt such files, maybe they should create a multi-company "decryption slush fund". This fund would be there to buy decryption keys from virus authors
Unless the virus authors are idiots and stupid they wouldn't use the same decryption key for every infection.
A $1 million ransom would even catch the attention of Nigerian authorities
Why would this catch Nigerian authorities' attention? They're already swimming in billions of petrodollars.
Falcon
Should there be a Law?
There's a pretty good book about it, called "Malicious Cryptovirology." He goes to great lengths to describe the various ways this can be done, how there's very little the victim can do about it, and it's even a relatively short read. Go check it out.
The "Malta Casino Virus", 2 decades ago, did the same thing except that it encrypted the File allocation table and gave you a chance to win your data back by playing a game ;-)
Anyone heard about Onehalf? We're talking something like 1992-94 IIRC. :)
If my memory serves me right even further, the virus is from Kosice, Slovakia. It spread quite quickly (even though there was essentially no Internet at that time in Slovakia) but later on, I believe ESET produced a utility to detect it and clean it up. Nice thing was, that it did not need to boot from clean boot floppy in order to do the clean-up (which was quite unusual at that time).
Funny thing then was, that a few months later, as we thought that Onehalf is - thanks to that utility - dead and old news, story came from USA that Onehalf reached there and that after a lot of trouble Norton was able to detect it. But not clean it. What a joke. If we'd had email, we would happily mass-mail that ESET's anti-Onehalf utility to every one.
Maybe further info: ESET's One Half entry.
hany
But it's all shipped from multi-national warehouses, deployed across the country and the only connection with Redmond is that the recipe formula is "approved by Redmond".
Hmm. Maybe that belongs in the "Defunct.com" story.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Banking in Nigeria is not significantly less reputable than anywhere else.
The problem with Nigerian scams is because there are a lot of Nigerians, and a significant fraction of them do not trust random people they don't know from Adam (or in some cases, members of their own family) and think that "europeans" must be a bunch of illiterate cretins if they are willing to believe things they read in random e-mails from strangers, and hence deserve to be scammed.
The main factor in Nigerian fraud, is that part of the Nigerian population that believe that God created cretins so they could be scammed. Not a very christian belief:
Yes it's true, Christianity would stop Nigerian scams - send more missionaries :-)
Yes, I have been to Nigeria.
Sent from my ASR33 using ASCII
If they're clever enough, that won't even work in theory. The ransom virus can just make up a symmetric key for the user in question, encrypting everything with this symmetric key, and the key itself with PK crypto. The extortionist asks for the encrypted symmetric key and gives the decrypted symmetric key in return, and there you are, none the wiser as to what the private component of the PK crypto scheme is.
Oh, that last part about Christianity WAS funny, considering
However, I'd say depicted Nigerian attitude combined with wealth is a bit concerning matter: Of Guns, Germs (, Presumptuousness) and Steel, they seem to just lack a lot of steel to become yet another global PITA.
sounds like Steam from Valve.
Actually, no. It's a look into the past. There was an alert going around circa 1990 about a piece of malware (it was a trojan, to be specific) that, running on DOS, would encrypt your entire hard drive during the installation. It would then send the demands to your printer.
www.wavefront-av.com
The majority of malware is already based on extortion. It's called DRM.
One person gets nailed.. sends the money in.. gets back the decrypter.. then drop that decrypter on a torrent for the world. Easy cheesy..
I know there will always be people who don't believe "in" enlightened self-interest, but it is not in your own self-interest to deliberately (How should I put this politely?) defecate in your own water supply.
You started by playing around with the scripts that the real blackhats built and left lying around. Then one of them contacts you (Because he naturally left a call-home in your script and has been "keeping an eye on you" -- but not much of an eye. Don't kid yourself.) and suggests you help him collect a bot army.
Now you've learned how to get a bot army, and you have a small army of your own. Trouble is, small armies aren't profitable. So you start the moving from script-jockey (The blackhats don't want to insult you, so they don't call you kiddie to your face.) to script-remodeller. But you have to eat, so when your blackhat suggests you try a little extortion, it sounds interesting.
What he doesn't tell you is that he is leading you to run interference for him while he goes after bigger fish. He tells you how to get into some foreign bank and set up accounts that have a very ephemeral existence, then stands back and watches you, and waits for you to either prove you're on top of this game or get arrested.
In the meantime, the money you are sucking out of the economy is not available to do the kind of dev work you'd prefer.
You lose.
Intelligent?
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
This is far from a new idea and has been done far better in the past. Go look up 'Cryptovirology' (if you can't be bothered to make any real effort - just read the wikipedia page http://en.wikipedia.org/wiki/Cryptovirology )
or (if you can deal with the author's pretentious, patronising and self indulgent style) read "Exposing Cryptovirology" ( http://thepiratebay.org/tor/3943108/Malicious.Cryptography.Exposing.Cryptovirology )
And besides, everyone knows the way of doing this is with stock price manipulation...
Here's an idea... Instead of all of these AV vendors spending (between them) thousands of dollars paying off criminals, maybe they should create a multi-company "decapitation smash fund".
Basically they use this money to track down the lowlife gobshites, cut their heads off and then smash their heads clean off with big lump hammers.
Doesn't even run on OS X or Linux .. :)
davecb5620@gmail.com
"The virus encrypts all user files with the extensions listed below"
Does it require administrator rights to function?
Does it run on Vista with User Account Control active?
davecb5620@gmail.com
The main factor in Nigerian fraud, is that part of the Nigerian population that believe that God created cretins so they could be scammed. Not a very christian belief:
Yes it's true, Christianity would stop Nigerian scams - send more missionaries
I can't help but notice that if you are correct, what might help them even more is not believing in silly propositions like "God" and "Christianity."
If you are an atheist, then YOU are the fool!
Just because it CAN be done, doesn't mean it should!
Moved to http://soylentnews.org/. You are invited to join us too!
HOW TO SECURE Windows 2000/XP/Server 2003 & VISTA, plus, make it "fun to do" via the multiplatform CIS Tool guidance:
http://forums.guru3d.com/showthread.php?s=50594c00cc0a618384e0293079653093&t=246538
Neither Windows, nor Linux (or even BSD variants) are setup, security-wise, NOT NEARLY AS WELL AS THEY CAN BE (e.g. - both LINUX & WINDOWS scores on CIS Tool are around 46.xxx/100 out of the box, stock), w/ just a bit of work + testing.
---- "fine if you have all linux/bsd machines, but windows has as much security as the emperor had new clothes, even with a $$$ security suite." - by kesuki (321456) on Thursday June 05, @07:00PM (#23675839) Same with Linux, period... or, even OTHER Os' too.
---- "sad but true" - by kesuki (321456) on Thursday June 05, @07:00PM (#23675839) Sad but true? See the above... same with Linux, BSD variants (like MacOS or FreeBSD etc.), Solaris, etc. et al...
APK
P.S.=> Enough w/ the "Pro-*NIX" b.s. you guys spread around here, ok? It gets a bit sickening, & is JUST PURE "F.U.D." & by that? I mean F'd up DISINFORMATION!... apk