Encryptor Virus Strikes Again
It's update day in malware land: the latest release is Virus.Win32.Gpcode.ak, a new version of the infamous Gpcode encryptor virus.
June 6, 2008
“Your files are encrypted with RSA-1024 algorithm.
To recovery your files you need to buy our decryptor.
To buy decrypting tool contact us at: ********@yahoo.com”
The previous version of the virus used 660-bit key. According to Kaspersky Lab virus researchers, that key could be cracked by a PC with a 2.2 Ghz processor in around 30 years. The 660-bit key was cracked at Kaspersky Lab based on a detailed analysis of the RSA algorithm implementation.
Kaspersky warns that, at present time, the filed could only be encrypted with the help of a private key. Unfortunately, guess who's got the key.
Infected users are advised not to restart or shut down the affected machine. Instead, they should contact the security company, as well as the local cyber crime law enforcement units.