Contest - Win $500+ in prizes!
 

Kaspersky: help needed to decipher a master singer virus

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!

The virus Gpcode master singer is back with a key RSA 1024 bit that remains to be broken. To do this, Kaspersky Lab asks for help and launched an operation Stop Gpcode.
Kaspersky: help needed to decipher a master singer virus
An old acquaintance resurfaced talk about it and that is once again Kaspersky Lab who sounded the alert. Already in 2007 the malicious code Gpcode had about him, more by its singularity by its real danger. Taxed virus master singer, Gpcode has usually encrypt files of various types found on the infected machine (.Doc, .Txt, .Pdf, .Xls, .Jpg, .Png, .Cpp, .H). , And then ask for a ransom in exchange for allowing a utility decryption. Today, rebelote with a new variant in circulation, but the threat is climb one step for Windows users that lack of vigilance or a solution anti-virus software up to date, have their computers infected.

For its operation encryption, Gpcode used in the past one RSA encryption algorithm with key variable length which have always been broken. The key to the longest was of 660 bits, and Kaspersky had indicated then that he normally would have taken 30 years to a PC with a 2.2 GHz processor to overcome them. Now Virus32.Gpcode.ak according to the name used by Kaspersky Lab, using a key RSA 1024 bit more difficult to break, but a real challenge that the publisher has decided to raise with the help of good souls. Well insist on the fact that the definition of that virus has already been added to the bases viral Kaspersky Lab, and others rest. Breaking the key does not cover an absolute necessity, except perhaps for reckless trapped.

With its Operation Stop Gpcode, the Russian publisher invites “all encryption specialists around the world to gather their efforts to decipher the key RSA 1024 bit,” he wrote in a press release stating that it is is a cryptographic challenge of the most complex. A forum dedicated to this transaction was made online.

Where …
Regarding the modus operandi of Gpcode, after a file encryption, its extension is changed ._CRYPT And the virus then place a text file titled !_READ_ME_.txt In the same case. This text file tells the user to decrypt the file, it must buy a specific utility. In such cases, Kaspersky Lab asks the victim did not respond and make contact at stopgcode@kaspersky.com with another computer. In addition, the infected machine should not be restarted or turned off.


Subscribe to comments Comment | Trackback |
Post Tags: , , , ,

Browse Timeline


Add a Comment


XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>



© Copyright 2007 Techogy . Thanks for visiting!