Kaspersky Spots Fresh Ransomware Sample

According to researchers at Kaspersky Lab the security company, they've spotted one fresh sample of ransomware software, which has the potential to lock access to personal files by using one algorithm that's impossible to crack.

Notably, ransomware software prevents the functioning of critical systems alternatively encrypts vital documents following which it demands money for bringing back original operations.

Says Kaspersky that ransomware software, which manage in encrypting personal documents, pose greater risk incase the algorithm isn't possible to crack, and this results in data theft. The Gpcode group of ransomware applications represents this problem while utilizing RSA's secure public-key algorithm featuring the 1024-bit key.

These applications, when get installed, begin encoding files that they name with an already decided extension, while the files may include images or documents. Thereafter they post an alert, recommending computer-users that they should peruse a given file having instructions, which direct them for wiring money in return for the particular file decrypting key.

Meanwhile, the fresh ransomware sample, which Kaspersky has dubbed Trojan-Ransom.Win32.Gpcode.bn, is different in that its payment method demands pre-paid cards of 'Ukash' a global cash-payment mode online, while the ransom has been increased to $125 from $120.

Remarks Nicolas Brulez, researcher at Kaspersky Lab, computer-users must know about the problem as well as identity Gpcode right at the start of the security alerts surfacing on their desktops. Securelist.com published this on March 25, 2011.

Brulez further says that meanwhile, if anybody feels he's been contaminated with Gpcode, then Kaspersky suggests him not to make any alterations on his PC since that can potentially obstruct the restoration of lost data. The most secured thing to do is conducting a restart or shutdown of the system in spite of the malware author asserting that files will be erased within N days for, Kaspersky hasn't observed any such mechanism. Still it's better to avoid making a file system alteration that can result from say a computer restart. Then, of course, the power switch should be turned off immediately as a fastest solution, Brulez advises.

Conclusively, the above kind of ransomware sample suggests that malware emerging as ransomware is constantly rising.

Related article: Kaspersky Released malware Statistics for September 2008

» SPAMfighter News - 4/7/2011