Blackmailer: the story of Gpcode Virus

It is easy to imagine how upset a user would be when they wake up on a sunny June morning and discover that their files are unusable: either they can't be opened or, in the case of .txt files, they contain garbage. And it's not only MS Office documents - over 80 different types of file are affected.

However, a few text files do open - files with suspiciously simple names such as readme.txt. But the text these files contain isn't going to make the victims happy: it makes it clear to the victims that there's an easy way to recover their data - simply buy a decoder program that will unlock 'certain files', i.e. those which have been encrypted using the RSA encryption algorithm.

Unfortunately, this wasn't a scene from a movie about cyber crime, but something that's been happening for over a year. Moreover, until recently it was unclear how victim machines became infected in the first place.

Thanks to some detective work by Kaspersky Lab virus analysts we do finally know how Gpcode has been spreading - at least the wave of new variants that hit Russia in early June. - Blackmailer: the story of Gpcode

Linked by shanmuga Tuesday, 27th June 2006 2:05AM