Ransomware attacks, which hold files and data hostage, are becoming increasingly complex, Kaspersky Lab has warned. These blackmailing viruses, led by the notorious Gpcode, first appeared at the beginning of 2004, evolved rapidly during 2005, and reached a peak of activity in 2006.
Kaspersky Lab said the trend has changed: where hackers once used primitive encryption algorithms (in the case of Gpcode) or simply corrupted the system registry (Krotten), they now use more secure encryption algorithms (RSA) and specific techniques to place data in password-protected archives.
This latest variant of Gpcode used a 660-bit key, the longest key that has ever been broken. According to estimates, it would take at least 30 years using a 2.2 GHz computer to break such a key. However, Kaspersky Lab has been lucky to add decryption routines for files that had been encrypted using this key to its antivirus databases within a single day.
While Kaspersky Lab was able to crack the codes, it predicts that a new variant with a longer key could appear at any time in the future.
The methods the virus used to spread are particularly inventive: it targeted one of the most popular Russian recruitment sites. Applicants who expressed an interest in vacancies then received a message that appeared to be a response to their query, but which actually contained a Trojan. This use of social engineering ensured a high infection rate among potential victims.
Copyright @ 2004 Software & Support Media