Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sneaky Blackmailing Virus That Encrypts Data

Posted by timothy on from the ouch-and-double-ouch dept.

BaCa writes "Kaspersky Lab found a new variant of Gpcode which encrypts files with various extensions using an RSA encryption algorithm with a 1024-bit key. After Gpcode.ak encrypts files on the victim machine, it changes the extension of these files to ._CRYPT and places a text file named !_READ_ME_!.txt in the same folder. In the text file the criminal tells the victims that the file has been encrypted and offers to sell them a decryptor. Is this a look into the future where the majority of malware will function based on extortion?"

3 of 409 comments (clear)

  1. But were they smart, or stupid? by pclminion · · Score: 5, Interesting

    Question is, does the encryptor rewrite the data in-place, or just encrypt to a new file then delete the original? If the latter, the data is still recoverable with a simple undelete utility.

    1. Re:But were they smart, or stupid? by Niten · · Score: 5, Interesting

      He did say "good corporate citizen", so if you are not paying for it, you obviously have something to hide and should be reported.

      You may think this is just a joke, but when my second college roommate saw me using an unfamiliar operating system, he naturally started asking me about it. "What's it called?" "Red Hat Linux." "How much does it cost?" "Nothing, it's free." He freaked out: "Oh my God, how can that be legal? That could cost Microsoft so much in lost profits! That should really be illegal..."

      The worst part? He was a business major, an honest-to-goodness PHB in training...

  2. Re:This has been done before by Ethanol-fueled · · Score: 4, Interesting

    Do people still keep stuff in "My documents?". Ya'd think that after all of the very public worms, viruses, malware, and phoning-home that people would learn to make their own "My Stuff" folder(if not regularly back up and/or encrypt their important data).