Slashdot Mirror


Russian Police Know Who Wrote Gpcode Virus

rifles only writes "Russian police almost certainly know the identity of the programmer responsible for the frightening 'ransomware' crypto virus, Gpcode, which has hit the Internet several times since 2006, says a story at Techworld, which has tapped a Kaspersky Lab researcher. Gpcode used 1024-bit RSA/128-bit RC4 to lock up victims' data, an uncrackable combination that left the world with only one solution: find the virus author to get the master key. So why don't the cops do anything? Good question, but this is Russia we're talking about."

8 of 201 comments

  1. Re:what? by grajzor · · Score: 2, Informative
  2. Re:So why don't the cops do anything? by MightyMartian · · Score: 4, Informative

    Simple. They have an ulterior motive in not dragging his ass to prison. That or they're lying. Or lazy.

    Like cops the world over.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  3. RC4 is broken, not unbeatable.. by nweaver · · Score: 5, Informative

    Ransomware crypto is not that effective: Backups are good, and the problem is payment is traceable.

    And RC4 isn't good for ransomware crypto, it IS broken, badly so.

    --
    Test your net with Netalyzr
    1. Re:RC4 is broken, not unbeatable.. by Anonymous Coward · · Score: 5, Informative

      No, RC4 is NOT broken.

      What IS broken is the implementation required for 802.11 (Wireless LAN) (weak Initialisation Vectors).

  4. Re:The enemy of my enemy is my friend by kestasjk · · Score: 5, Informative

    Who is to say that Russian authorities are not using this coder as a cover for much more malicious activities? All we know is that there is a virus that encrypts your data. What is it that we don't know yet?

    I've read the RTFA; if you thought "Russian KGB are letting mysterious virus author do as he wishes" was too bizarre to be true, you're right.

    This is how it breaks down:

    • The virus author contacted Kaspersky asking for money for the tool to decrypt the encrypted files
    • Kaspersky attempted to trace the author, and found that (surprise, surprise) he is using various proxies in the US, Hungary, Russia, etc
    • Russian authorities apparently haven't rushed to the location of the Russian proxies (there's no mention of whether the US and Hungarian ones did)

    Implying that the KGB are the master-mind hackers of an intricate spider's web of zombie-PCs may be a little premature based on this techworld.com article..

    I wish there were sites which reported computer security news like it is, without the bullshit

    --
    // MD_Update(&m,buf,j);
  5. Re:The enemy of my enemy is my friend by kestasjk · · Score: 4, Informative

    (Just to be 100% clear and frank "Russian Police Know Who Wrote Gpcode Virus" is just a plain lie)

    --
    // MD_Update(&m,buf,j);
  6. Re:The enemy of my enemy is my friend by Vagnaard · · Score: 3, Informative

    Sorry to interrupt you, but:

    On December 21, 1995, the President of Russia Boris Yeltsin signed the decree that disbanded the KGB, which was then substituted by the FSB, the current domestic state security agency of the Russian Federation.

    --
    He had a baseball bat, and I was tied to a chair. Pissing him off was the smart thing to do. - Max Payne
  7. Re:The enemy of my enemy is my friend by Cyberax · · Score: 2, Informative

    Wrong. KGB has been substituted by FSK (Federalnaya Sluzhba Kontrrazvedki - Federal Service of Counter-Intelligence) in 1991 (right after the USSR collapse).

    In 1995 it was again renamed and reformed (this time it was called 'FSB').