unimax

The Most Sophisticated Virus Has Appeared


At last a ransom virus ("ransomware") has appeared: pay to get your files back. Kaspersky Lab is asking all of you for help.

http://www.net-security.org/malware_news.php?id=945

Watch out for a sneaky blackmailing virus that encrypts your data

Posted on 05.06.2008

Kaspersky Lab found that a new variant of Gpcode, a dangerous encryptor virus, has appeared: Virus.Win32.Gpcode.ak. Gpcode.ak encrypts files with various extensions including, but not limited to, .doc, .txt, .pdf, .xls, .jpg, .png, .cpp, .h and more using an RSA encryption algorithm with a 1024-bit key.

Kaspersky Lab succeeded in thwarting previous variants of Gpcode when Kaspersky virus analysts were able to crack the private key after in-depth cryptographic analysis. Their researchers have to date been able to crack keys up to 660 bits. This was the result of a detailed analysis of the RSA algorithm implementation. It has been estimated that if the encryption algorithm is implemented correctly, it would take 1 PC with a 2.2 GHz processor around 30 years to crack a 660-bit key.

The author of Gpcode has taken two years to improve the virus: the previous errors have been fixed and the key has been lengthened to 1024 bits instead of 660.

At the time of writing, Kaspersky researchers are unable to decrypt files encrypted by Gpcode.ak since the key is 1024 bits long and they have not found any errors in implementation yet. Thus, at the time of writing, the only way to decrypt the encrypted files is to use the private key which only the author has.

After Gpcode.ak encrypts files on the victim machine it changes the extension of these files to ._CRYPT and places a text file named !_READ_ME_!.txt in the same folder. In the text file the criminal tells the victims that the file has been encrypted and offers to sell them a decryptor:

«Your files are encrypted with RSA-1024 algorithm.

To recovery your files you need to buy our decryptor.

To buy decrypting tool contact us at: ********@yahoo.com»

In addition, after GPcode encrypts files, it also displays the message shown below:

In this case, Kaspersky researchers recommend that victims try to contact us using another computer connected to the Internet. DO NOT RESTART or POWER DOWN the potentially infected machine.

Kaspersky Lab offers some help:

Contact us by email at [email protected] and tell us the exact date and time of infection, as well as everything you did on the computer in the 5 minutes before the machine was infected:

∙ Which programs you have executed,

∙ Which websites you have visited, etc.

We'll try and help you recover any data that has been encrypted.

Kaspersky Lab analysts are continuing to analyze the virus code in search of a way to decrypt the files without having the private key.
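As a triage aid for the indicators the article names (the `._CRYPT` extension and the `!_READ_ME_!.txt` note), here is an added example that is not part of the original post or any Kaspersky tool: it walks a folder tree read-only, lists affected folders, and reports the earliest modification time of an encrypted file. Function names and the sample tree are constructed, and treating that earliest time as an approximation of the "date and time of infection" Kaspersky asks for is an assumption.

```python
import os
import tempfile
from datetime import datetime, timezone

CRYPT_SUFFIX = "._CRYPT"        # extension named in the article
NOTE_NAME = "!_READ_ME_!.txt"   # ransom note file name named in the article

def scan_tree(root):
    """Walk root using metadata only; return {folder: summary} for affected folders."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        crypt = [f for f in files if f.upper().endswith(CRYPT_SUFFIX)]
        has_note = any(f.lower() == NOTE_NAME.lower() for f in files)
        if not crypt and not has_note:
            continue
        mtimes = []
        for name in crypt:
            try:
                mtimes.append(os.stat(os.path.join(dirpath, name)).st_mtime)
            except OSError:
                continue  # unreadable or vanished file: skip it, keep scanning
        first = min(mtimes) if mtimes else None
        findings[dirpath] = {"encrypted": len(crypt), "note": has_note, "first_mtime": first}
    return findings

def estimate_start(findings):
    """Earliest ._CRYPT modification time seen (assumed proxy for infection time)."""
    times = [f["first_mtime"] for f in findings.values() if f["first_mtime"] is not None]
    return min(times) if times else None

def build_sample(root):  # constructed sample tree with fixed timestamps
    layout = {
        "docs": {"report.doc._CRYPT": 1212650000, "photo.jpg._CRYPT": 1212650090, NOTE_NAME: 1212650095},
        "clean": {"notes.txt": 1212000000},
    }
    for folder, entries in layout.items():
        os.makedirs(os.path.join(root, folder))
        for name, mtime in entries.items():
            path = os.path.join(root, folder, name)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            os.utime(path, (mtime, mtime))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        found = scan_tree(tmp)
        print(found)
        print(datetime.fromtimestamp(estimate_start(found), tz=timezone.utc).isoformat())
```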


Wow... that's terrifying...

passwmail.jpg

Kaspersky is asking for help...?

Edited by mfaiz


> In this case, Kaspersky researchers recommend that victims try to contact us using another computer connected to the Internet. DO NOT RESTART or POWER DOWN the potentially infected machine.

This is the scary part.. what will happen? System malfunction? Hardware paralyzed? Is this the thing that was predicted some time ago.. that virus has already been built? Hoho, the regional network is done for.. hopefully we're spared.


Eee.. how wicked people are.... :o

Edited by razi_90@IBM thinkcentre


It's Bill Gates's fault too for pricing Windows so high....

Let's use GNU/Linux!!!!!!


It encrypts all the infected folders/files with RSA 1024-bit encryption. As it says in there, a Core 2 Duo 2.2 GHz computer would take 30 years to decrypt them again. So far no error has been found since 2004... Let's wait until 2038 and see how it goes...


So all the AV companies will have to prepare their own modules for a pre-patch, Counter-Terrorist version, if they want to wipe it out haha :lol:


But this virus should be easy to detect (I think..) because encrypting with 1024 bits must be heavy.


Er.. bro baok.. any comment? (;

Everything must have a solution, right..

pelajarkaya.?

GVR.?


Encrypting files isn't heavy at all; if anything it's fast. It's decrypting a 1024-bit length code that is the hardest; it might not finish even in 1000 years without the auth-key. Unless you use a QUAD-CORE supercomputer with fast processor speed and RAM. But if every computer has been infected (not enough terminals to do the recovery), you'll certainly be charged if you want to decrypt.


Hahaha.. John the Ripper, ahh.. :D

If it's encrypted then it really is hard, and with a 1024-bit key on top of that.. hahahaha.. just cry, ahh..

So the way to prevent it: back up all data on DVD, because once it's burned, nothing at all can mess with those files any more... :ph34r:


> Encrypting files isn't heavy at all; if anything it's fast. It's decrypting a 1024-bit length code that is the hardest; it might not finish even in 1000 years without the auth-key. Unless you use a QUAD-CORE supercomputer with fast processor speed and RAM. But if every computer has been infected (not enough terminals to do the recovery), you'll certainly be charged if you want to decrypt.

That's if the computer is powerful.. with my crappy old Acer.. encrypting and locking even a small folder was enough to make you regret it because the wait was so long. Decrypt? Dream on...


This virus locks our files or folders, right?

Is Kaspersky the only one busy looking for a solution.... the other AV companies are just relaxing... :lol:

Edited by F18 HORNET


> This virus locks our files or folders, right?
>
> Is Kaspersky the only one busy looking for a solution.... the other AV companies are just relaxing... :lol:

That's called being concerned. Big budget, they just want to find the solution. Maybe they want to find its coder and then hire him as one of their employees... He could build encryption tools, bundle them into Kaspersky's products, make a bit more money, top up the fuel money... :lol:


Kaspersky managed to find a crack before. This one is a lot harder. That makes Kaspersky better than Symantec / CA.

Imagine the operator of this virus cooperating with the keepers of the Storm botnet and the Kraken botnet.


This virus sounds really sophisticated.. hopefully it doesn't hit my PC..

And then there's the creator of this virus.. misusing the talent he has..

Isn't there a reward for anyone who can catch the creator of this virus?

The CIA must be working hard to track down the virus's creator..

Edited by pie8686


> Hahaha.. John the Ripper, ahh.. :D
>
> If it's encrypted then it really is hard, and with a 1024-bit key on top of that.. hahahaha.. just cry, ahh..
>
> So the way to prevent it: back up all data on DVD, because once it's burned, nothing at all can mess with those files any more... :ph34r:

So anyone who has important files had better burn them to CD or DVD quickly to be safer...


Hm... if that's the case, we should team up to speed up the spread of this virus :P more fun :P:lol::ph34r:

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Aww, come on...

You... is it right to say such a thing?....

Have pity on people... if it were goats, fine...

Tsk.. tsk... tsk...
