Feeds

Security militia sought to brutalize ransomware virus

Time to crack some key

Internet Security Threat Report 2014

After discovering a new and improved virus that encrypts important files on infected machines, researchers from Kaspersky are calling on fellow security professionals to lend a hand in cracking the massive key needed to liberate the ensnared data.

The call to arms posted Friday comes two days after the antivirus provider detected a new variant of a malicious file-encryptor dubbed Gpcode. It surreptitiously encrypts a variety of files, including photos and those used by MS Word and Excel and Adobe Reader. Victims can only recover the missing booty by paying a ransom to the miscreants.

When Gpcode first made the rounds two years ago, Kaspersky was able to neutralize the threat by deducing the private key needed to unlock the encrypted data. That was possible because the crooks used a 660-bit RSA key and made some critical mistakes when implementing the encryption algorithm.

Cryptographers won't have as easy a task this time around. Gpcode uses a 1024-bit key and the algorithm seems to be sound, so brute-forcing the scheme will require about 15 million modern computers, and even then, it could take about a year.

"Of course, we don't have that type of computing power at our disposal," Kaspersky says in its appeal. "This is a case where we need to work together and apply all our collective knowledge and resources to the problem."

They've included two public keys - one used to encrypt files on XP and Vista machines and the other for all other versions of Windows. And they've also provided the exponent for the keys. They're especially interested in someone stepping forward with a custom-built application that can tackle the tough job of factoring the key. A forum for the project is here. ®

Remote control for virtualized desktops

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Syrian Electronic Army in news site 'hack' POP-UP MAYHEM
Gigya redirect exploit blamed for pop-rageous ploy
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.