Kaspersky Lab warns of new blackmail virus

New version of virus detected that encrypts user files and blackmails victim into paying for encryption key

  • E-Mail
By  Mark Sutton Published  June 9, 2008

Kaspersky Lab is warning of a new encryptor virus which is currently in the wild, virus.win32.gpcode.ak.

The new virus attempts to encrypt a wide range of file formats, to deny the user access to the files. The virus then attempts to extort a subscription fee from the user in return for the software to un-encrypt the data.

The Gpcode encrypts .doc, .txt, .pdf, .xls, .jpg, .png, .cpp and other popular file formats, using 1024-bit encryption. Kaspersky was able to crack a previous version of the virus which used 660-bit encryption, but so far has been unable to beat the updated virus.

Infected computers will display the message "Your files are encrypted with RSA-1024 algorithm. To recovery your files you need to buy our decryptor. To buy decrypting tool contact us at: ********@yahoo.com" once the files have been encrypted.

Kaspersky recommends that users do not turn off or power down the infected computer, but instead contact them for assistance on a different PC at stopgpcode@kaspersky.com, as well as informing their local cyber law enforcement authority.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code