unimax 0 Report post Posted June 12, 2008 Akhirnya muncul satu virus tebusan "ransomware" bayar untuk dapat balik file. Makmal Kaspersky minta bantuan anda semua.http://www.net-security.org/malware_news.php?id=945Watch out for a sneaky blackmailing virus that encrypts your dataPosted on 05.06.2008Kaspersky Lab found a new variant of Gpcode, a dangerous encryptor virus has appeared, - Virus.Win32.Gpcode.ak. Gpcode.ak encrypts files with various extensions including, but not limited, to .doc, .txt, .pdf, .xls, .jpg, .png, .cpp, .h and more using an RSA encryption algorithm with a 1024-bit key. Kaspersky Lab succeeded in thwarting previous variants of Gpcode when Kaspersky virus analysts were able to [biskut tawar] the private key after in-depth cryptographic analysis. Their researchers have to date been able to [biskut tawar] keys up to 660 bits. This was the result of a detailed analysis of the RSA algorithm implementation. It has been estimated that if the encryption algorithm is implemented correctly, it would take 1 PC with a 2.2 Ghz processor around 30 years to [biskut tawar] a 660-bit key. The author of Gpcode has taken two years to improve the virus: the previous errors have been fixed and the key has been lengthened to 1024 bits instead of 660. At the time of writing, Kaspersky researchers are unable to decrypt files encrypted by Gpcode.ak since the key is 1024 bits long and they have not found any errors in implementation yet. Thus, at the time of writing, the only way to decrypt the encrypted files is to use the private key which only the author has. After Gpcode.ak encrypts files on the victim machine it changes the extension of these files to ._CRYPT and places a text file named !_READ_ME_!.txt in the same folder. In the text file the criminal tells the victims that the file has been encrypted and offers to sell them a decryptor:«Your files are encrypted with RSA-1024 algorithm.To recovery your files you need to buy our decryptor.To buy decrypting tool contact us at: ********@yahoo.com»In addition, after GPcode encrypts files, it also displays the message shown below: In this case, Kaspersky researchers recommend that victims try to contact us using another computer connected to the Internet. DO NOT RESTART or POWER DOWN the potentially infected machine.Kaspersky Lab offers some help:Contact us by email at [email protected] and tell us the exact date and time of infection, as well everything you did on the computer in the 5 minutes before the machine was infected:∙ Which programs you have executed, ∙ Which websites you have visited, etc.We'll try and help you recover any data that has encrypted. Kaspersky Lab analysts are continuing to analyze the virus code in search of a way to decrypt the files without having the private key. Quote Share this post Link to post Share on other sites
mfaizul89 3 Report post Posted June 12, 2008 (edited) wah... dahsyat nyer...Kaspersky mintak bantuan...? Edited June 12, 2008 by mfaiz Quote Share this post Link to post Share on other sites
Mr.Fahizi 0 Report post Posted June 12, 2008 (edited) Kaspersky Analysist Edited June 12, 2008 by Mr.Fahizi Quote Share this post Link to post Share on other sites
Optimus07 0 Report post Posted June 12, 2008 MAK KO, BLEH BUAT meniaga bende nih... Quote Share this post Link to post Share on other sites
Hiruka 4 Report post Posted June 12, 2008 In this case, Kaspersky researchers recommend that victims try to contact us using another computer connected to the Internet. DO NOT RESTART or POWER DOWN the potentially infected machine.Ni yg ngeri tuh..ape akan terjadi? system malfunction? hardware paralyzed? nila menda yg diramalkan suatu tika dulu..virus tuh da siap dibina? hoho abisla network serantau..mudah²an dijauhi. Quote Share this post Link to post Share on other sites
razirazo 24 Report post Posted June 12, 2008 (edited) eee..jahatnya manusia.... Edited June 12, 2008 by razi_90@IBM thinkcentre Quote Share this post Link to post Share on other sites
dans kam 39 Report post Posted June 12, 2008 salah bill gate jugak letak harga Windows mahal sgt....Jom guna GNU/Linux!!!!!! Quote Share this post Link to post Share on other sites
Optimus07 0 Report post Posted June 12, 2008 Dier encrypt semua infected folder@files ngan RSA-1024 bit encryption. Bak kate dlm tuh sebuah komputer core2duo 2.2ghz akan amek mase 30thn nk decrypt balik. Stakat nih no error jumpe sejak tahun 2004... Kite tunggu tahun 2038 tgk ar camner... Quote Share this post Link to post Share on other sites
Hiruka 4 Report post Posted June 12, 2008 So AV² company sumer kenala prepare module masing² bagi prepatch versi Counter-Terorrist klu nk banteras haha Quote Share this post Link to post Share on other sites
razirazo 24 Report post Posted June 12, 2008 tapi virus ni senang nak kesan(rasanya..) sebab kalau encrypt 1024 mesti berat punya. Quote Share this post Link to post Share on other sites
Geekspro 0 Report post Posted June 12, 2008 Makin menggila virus sekarang ni... :angry: Quote Share this post Link to post Share on other sites
fiqri 0 Report post Posted June 12, 2008 er.. bro baok.. ade comment (;setiap mende tu mesti ade solve kan..pelajarkaya.?GVR.? Quote Share this post Link to post Share on other sites
BasicCX 27 Report post Posted June 12, 2008 Nak Encypt fail mana ada berat cepat lagi adalah. Yang nak decrypt 1024-bit length code la yang paling payah mahu2 1000 tahun pun x abis tanpa auth-key. Lain la pakai super computer QUAD-CORE, processor speed and ram yg laju. Tapi kalau dah semua komputer kena infection (xcukup terminal nak buat recovery) pasti kena caj la kalau nak decrypt. Quote Share this post Link to post Share on other sites
ApoNie 0 Report post Posted June 12, 2008 hahaha.. john the ripper ahhh.. kalau encrypted nie memang susah, 1024-bit key pulak tu.. hahahaha.. emanangis ahh..jadik cara nak prvent, smua data backup dalam DVD@ sebab bila dah burn, apa skalipon dah xleh nak kaco file tu... Quote Share this post Link to post Share on other sites
razirazo 24 Report post Posted June 12, 2008 Nak Encypt fail mana ada berat cepat lagi adalah. Yang nak decrypt 1024-bit length code la yang paling payah mahu2 1000 tahun pun x abis tanpa auth-key. Lain la pakai super computer QUAD-CORE, processor speed and ram yg laju. Tapi kalau dah semua komputer kena infection (xcukup terminal nak buat recovery) pasti kena caj la kalau nak decrypt.tu kalau komputer power..kalau acer dulu aku yang buruk tuh..encrypt lock folder sikit pun dah boleh nyesal sebab lama komain tunggu.decrypt?jangan minpi la... Quote Share this post Link to post Share on other sites
F18 HORNET 0 Report post Posted June 12, 2008 (edited) virus ni die kunci fail @ folder kite kan? kaspersky je ke yang sibuk2 cari jalan penyelesaian....company av lain lak rilek je... Edited June 12, 2008 by F18 HORNET Quote Share this post Link to post Share on other sites
Optimus07 0 Report post Posted June 12, 2008 virus ni die kunci fail @ folder kite kan? kaspersky je ke yang sibuk2 cari jalan penyelesaian....company av lain lak rilek je... Tuh namenye prihatin. Bajet bnyk, solution jer nk carik. Mgkn diorg nk carik coder dier pastu nk amek jadi salah sorg employee... Boleh buat encryption tools, masuk skali dlm kaspersky punye produk, bole tambah duit skit, topup duit minyak... Quote Share this post Link to post Share on other sites
cixent 0 Report post Posted June 12, 2008 macamana aku nak dapatkan sample virus ni? Quote Share this post Link to post Share on other sites
unimax 0 Report post Posted June 12, 2008 kaspersky dulu berjaya cari biskut tawar. yg ni ada susah banyak. kira kaspersky lagi hebat dari symantec / ca.bayangkan pengendali virus ni berkerjasama dgn penjaga botnet strom dan botnet kraken. Quote Share this post Link to post Share on other sites
faie86 0 Report post Posted June 12, 2008 (edited) bunyi cam canggih je virus ni.. mintak2 jgn kena kt pc aku.. yang pencipta virus ni satu.. menyalah gunakan kelebihan yg ada..tak de ke tawaran sape2 yg dpt tangkap pencipta virus nih?mesti pihak CIA tgh bekerja keras untuk mengesan pencipta virus.. Edited June 12, 2008 by pie8686 Quote Share this post Link to post Share on other sites
KhUrAyAtZ 0 Report post Posted June 12, 2008 setakat mana jua kecanggihan nya tu ye?.. Quote Share this post Link to post Share on other sites
Geekspro 0 Report post Posted June 15, 2008 hahaha.. john the ripper ahhh.. kalau encrypted nie memang susah, 1024-bit key pulak tu.. hahahaha.. emanangis ahh..jadik cara nak prvent, smua data backup dalam DVD@ sebab bila dah burn, apa skalipon dah xleh nak kaco file tu... Jadi sesape yg ada file2 penting tu baik cepat2 burn dalam CD or DVD utk lebih selamat... Quote Share this post Link to post Share on other sites
sI sEmuT 0 Report post Posted June 15, 2008 hm...klu cm2, kne ls brpkat utk mmprcpatkn pnyebaran virus ni lbih sronok --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------alooo...ko nie... ade ke patut kate gt2?....kecian la kt org... klu kambing, xpe rrr...ish..ish...ish... Quote Share this post Link to post Share on other sites
agc2884 0 Report post Posted June 16, 2008 backup tu penting..huhuhohohooho...virus dah semakin maju...tapi takpe..dorg mesti akan jumpe biskut tawar tuk virus ni punye... Quote Share this post Link to post Share on other sites
joetbg_x 0 Report post Posted June 17, 2008 Kaspersky Lab releases instructions on how to recover files attacked by the Gpcode.ak virushttp://www.kaspersky.com/news?id=207575654 Quote Share this post Link to post Share on other sites