Kaspersky Lab warns of new blackmail virus
New version of virus detected that encrypts user files and blackmails victim into paying for encryption key
Kaspersky Lab is warning of a new encryptor virus which is currently in the wild, virus.win32.gpcode.ak.
The new virus attempts to encrypt a wide range of file formats, to deny the user access to the files. The virus then attempts to extort a subscription fee from the user in return for the software to un-encrypt the data.
The Gpcode encrypts .doc, .txt, .pdf, .xls, .jpg, .png, .cpp and other popular file formats, using 1024-bit encryption. Kaspersky was able to crack a previous version of the virus which used 660-bit encryption, but so far has been unable to beat the updated virus.
Infected computers will display the message "Your files are encrypted with RSA-1024 algorithm. To recovery your files you need to buy our decryptor. To buy decrypting tool contact us at: ********@yahoo.com" once the files have been encrypted.
Kaspersky recommends that users do not turn off or power down the infected computer, but instead contact them for assistance on a different PC at firstname.lastname@example.org, as well as informing their local cyber law enforcement authority.