Nettips.dk Websted
Forum start Forum start > Tips til... > Sikkerhed
  Aktive emner Aktive emner RSS Feed - Virus afpresser ofre
  FAQ FAQ  Søg i forum   Begivenheder   Opret ny bruger Opret ny bruger  Log ind Log ind

Virus afpresser ofre

 Besvar Besvar
Forfatter
Besked
Admin Se drop down
Staff
Staff
Avatar

Medlem siden: 14 Okt 2007
Sted: Sydfyn
Status: Offline
Point: 3609
Indlæg funktioner Indlæg funktioner   Tak (0) Tak(0)   Citér Admin Citér  BesvarSvar Direkte Link til dette Indlæg Emne: Virus afpresser ofre
    Sendt: 06 Jun 2008 kl. 13:06
En ny farlig virus, der afpresser de inficerede, er i omløb. Bliver man inficeret, krypterer virussen alle computerens filer, så de er utilgængelige. Det er på nuværende tidspunkt umuligt at bryde virussens kode, fordi den er krypteret med 1024 bit.
 
Virussen fortæller den ramte, at man skal købe nøglen til krypteringen ved at kontakte en anonym e-mail-adresse. Kaspersky Lab udarbejdede 4. juni en signatur til “Virus.Win32.Gpcode.ak”, som virussen hedder.
 

Kaspersky Lab, a leading developer of secure content management systems, has informed the public that a new variant of Gpcode, a dangerous encryptor virus has appeared, - Virus.Win32.Gpcode.ak.

 

Gpcode.ak encrypts files with various extensions including, but not limited, to .doc, .txt, .pdf, .xls, .jpg, .png, .cpp, .h and more using an RSA encryption algorithm with a 1024-bit key.

 

Kaspersky Lab added a signature for Virus.Win32.Gpcode.ak on June 4, 2008.

 

Kaspersky Lab succeeded in thwarting previous variants of Gpcode, (see Blackmailer on viruslist.com) when Kaspersky virus analysts were able to crack the private key after in-depth cryptographic analysis.

 

Kaspersky Lab virus researchers have to date been able to crack keys up to 660 bits. This was the result of a detailed analysis of the RSA algorithm implementation. It has been estimated that if the encryption algorithm is implemented correctly, it would take 1 PC with a 2.2 Ghz processor around 30 years to crack a 660-bit key.

                                                 

The author of Gpcode has taken two years to improve the virus: the previous errors have been fixed and the key has been lengthened to 1024 bits instead of 660.

 

At the time of writing we are unable to decrypt files encrypted by Gpcode.ak since the key is 1024 bits long and we have not found any errors in implementation yet. Thus, at the time of writing, the only way to decrypt the encrypted files is to use the private key which only the author has.

 

After Gpcode.ak encrypts files on the victim machine it changes the extension of these files to ._CRYPT and places a text file named !_READ_ME_!.txt in the same folder. In the text file the criminal tells the victims that the file has been encrypted and offers to sell them a decryptor:

 

«Your files are encrypted with RSA-1024 algorithm.

To recovery your files you need to buy our decryptor.

To buy decrypting tool contact us at: ********@yahoo.com» 

In this case, we recommend that victims try to contact us using another computer connected to the Internet. DO NOT RESTART or POWER DOWN the potentially infected machine.

Contact us by email at stopgpcode@kaspersky.com and tell us the exact date and time of infection, as well everything you did on the computer in the 5 minutes before the machine was infected:

• Which programs you have executed,
• Which websites you have visited, etc.

We'll try and help you recover any data that has been encrypted.

Kaspersky Lab analysts are continuing to analyze the virus code in search of a way to decrypt the files without having the private key. In the meantime, we recommend that everyone sets their anti-malware solutions to maximum security and takes extra care while browsing the Internet and reading email. If the above messages appear on your machine please contact us immediately as per instructions above.
 
We urge infected users not to yield to the blackmailer, but to contact us and your local cyber crime law enforcement units. Yielding to blackmailers only continues the cycle.
Til top
Guests Se drop down
Guest Group
Guest Group
Indlæg funktioner Indlæg funktioner   Tak (0) Tak(0)   Citér Guests Citér  BesvarSvar Direkte Link til dette Indlæg Sendt: 06 Jun 2008 kl. 14:14
av den var slem Dead
Til top
Guests Se drop down
Guest Group
Guest Group
Indlæg funktioner Indlæg funktioner   Tak (0) Tak(0)   Citér Guests Citér  BesvarSvar Direkte Link til dette Indlæg Sendt: 06 Jun 2008 kl. 14:44
Ja den er grim, men så er det godt man har et fuldt backup/Image af Cdrevet.Wink
Til top
e-tech Se drop down
Entusiastisk
Entusiastisk
Avatar

Medlem siden: 14 Okt 2007
Status: Offline
Point: 6926
Indlæg funktioner Indlæg funktioner   Tak (0) Tak(0)   Citér e-tech Citér  BesvarSvar Direkte Link til dette Indlæg Sendt: 06 Jun 2008 kl. 18:54
"Our greatest glory is not in never falling, but in rising every time we fall." - Confucius


Til top
Guests Se drop down
Guest Group
Guest Group
Indlæg funktioner Indlæg funktioner   Tak (0) Tak(0)   Citér Guests Citér  BesvarSvar Direkte Link til dette Indlæg Sendt: 06 Jun 2008 kl. 19:52
Det er da helt sort.
Godt man ikke har de problemer.
Til top
e-tech Se drop down
Entusiastisk
Entusiastisk
Avatar

Medlem siden: 14 Okt 2007
Status: Offline
Point: 6926
Indlæg funktioner Indlæg funktioner   Tak (0) Tak(0)   Citér e-tech Citér  BesvarSvar Direkte Link til dette Indlæg Sendt: 06 Jun 2008 kl. 20:20

Ifølge sikkerhedssitet Net-security.org vil det tage en pc med 2,2 GHz Processor omkring 30 år at knække en 660-bit nøgle.Shocked

http://www.version2.dk/artikel/7519

"Our greatest glory is not in never falling, but in rising every time we fall." - Confucius


Til top
Kavjik Se drop down
Entusiastisk
Entusiastisk
Avatar

Medlem siden: 15 Okt 2007
Status: Offline
Point: 1569
Indlæg funktioner Indlæg funktioner   Tak (0) Tak(0)   Citér Kavjik Citér  BesvarSvar Direkte Link til dette Indlæg Sendt: 06 Jun 2008 kl. 22:04


Citat: e-tech e-tech skrev:

Ifølge sikkerhedssitet Net-security.org vil det tage en pc med 2,2 GHz Processor omkring 30 år at knække en 660-bit nøgle.Shocked

http://www.version2.dk/artikel/7519



Citat: Admin Admin skrev:

it would take 1 PC with a 2.2 Ghz processor around 30 years to crack a 660-bit key.




Redigeret af Kavjik - 06 Jun 2008 kl. 22:05
http://webbies.dk/blog
Følg mig med RSS
Til top
Guests Se drop down
Guest Group
Guest Group
Indlæg funktioner Indlæg funktioner   Tak (0) Tak(0)   Citér Guests Citér  BesvarSvar Direkte Link til dette Indlæg Sendt: 06 Jun 2008 kl. 22:23
Yup det er skidt Dead
Til top
 Besvar Besvar
  Del emne   

Skift forum Forum tilladelser Se drop down

Forum Software by Web Wiz Forums® version 11.10
Copyright ©2001-2017 Web Wiz Ltd.

Denne side blev genereret på 0.109 sekunder.