Home / / Kaspersky Lab warns of new blackmail virus

Kaspersky Lab warns of new blackmail virus

New version of virus detected that encrypts user files and blackmails victim into paying for encryption key

Kaspersky Lab is warning of a new encryptor virus which is currently in the wild, virus.win32.gpcode.ak.

The new virus attempts to encrypt a wide range of file formats, to deny the user access to the files. The virus then attempts to extort a subscription fee from the user in return for the software to un-encrypt the data.

The Gpcode encrypts .doc, .txt, .pdf, .xls, .jpg, .png, .cpp and other popular file formats, using 1024-bit encryption. Kaspersky was able to crack a previous version of the virus which used 660-bit encryption, but so far has been unable to beat the updated virus.

Infected computers will display the message "Your files are encrypted with RSA-1024 algorithm. To recovery your files you need to buy our decryptor. To buy decrypting tool contact us at: ********@yahoo.com" once the files have been encrypted.

Kaspersky recommends that users do not turn off or power down the infected computer, but instead contact them for assistance on a different PC at stopgpcode@kaspersky.com, as well as informing their local cyber law enforcement authority.

CHANNEL AWARD 2018