It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Kaspersky to try to crack code used in blackmailer virus

page: 1
1

log in

join
share:

posted on Jun, 10 2008 @ 09:42 PM
link   

Kaspersky to try to crack code used in blackmailer virus


news.cnet.com

June 10, 2008 4:59 PM PDT
Kaspersky to try to crack code used in 'blackmailer' virus
Posted by Elinor Mills 1 comment

Antivirus software vendor Kaspersky is launching an international effort to try to crack the encryption used in a "blackmailer" virus that locks up data on a victim's computer.

The company announced the "Stop the Gpcode Virus" initiative Monday and extended a public invitation to all cryptography experts and other researchers, saying it has sufficient information about the virus to enable experts to begin working on factoring the RSA key.

Kaspersky also created a special forum for the effort.

Kaspersky Lab said last week that it detected a new version of the ransomware type of Gpcode Virus that essentially holds your data hostage until you pay up. It encrypts files on the hard drive using an RSA algorithm with a 1024-bit key and leaves a message that advises the victim to buy a decryptor and provides an e-mail address to contact.

Kaspersky detects the new variant but is unable to crack the encryption key and has analysts working on that. The virus is rated a "moderate risk."

The Gpcode Virus was first detected in 2006. "Two years ago we were able to get the private key by detailed analysis of the data at our disposal," Kasperky Lab explained in a blog posting. "However, the maximum RSA key length we've been able to 'crack' to date is 660 bits. We were able to do this as the author had made some mistakes when implementing the encryption algorithm."

The encryption strength grows exponentially the more bits it has.

People who believe their computers have been infected with the virus are advised not to restart or power down the machines. They should send an e-mail to stopgpcode@kaspersky.com with details of the infection.

This is a screenshot taken of the message that pops up when a computer is infected with the Gpcode virus.
(Credit: Kaspersky )
(visit the link for the full news article)




posted on Jun, 10 2008 @ 09:42 PM
link   
If they manage develop a way to crack 1024 encryption effectively, then a lot of global security systems will be in trouble.

A special forum has been set up to address cracking this virus. If you want to help out, go here forum.kaspersky.com...

And since this is a conspiracy forum, here's the million dollar question, where do you think viruses like these come from?

news.cnet.com
(visit the link for the full news article)

[edit on 10-6-2008 by postmeme]



posted on Jun, 10 2008 @ 10:02 PM
link   
reply to post by postmeme
 


To address your last question .. Send money to this address for answers .



 
1

log in

join