Virus.Win32.Gpcode

Posted by admin Published in Virus

Play online games at GameDuell.
New Training Titles for Audio Software, Hardware & Technical Skills.
Shockwave has the game Risk! Buy it now!
Join LinkShare Today!
SYNC Outlook and Files on all your Computers
We have detected a new version of the ‘malicious blackmailer’ Gpcode — Virus.Win32.Gpcode.ak.

The new Gpcode variant encrypts files with extensions DOC, TXT, PDF, XLS, JPG, PNG, CPP, H etc. on hard drives using an RSA algorithm with a 1024-bit key.

After encrypting files, the virus leaves a text file in the folder next to the encrypted files with following message:

Your files are encrypted with RSA-1024 algorithm.
To recovery your files you need to buy our decryptor.
To buy decrypting tool contact us at: ********@yahoo.com

Currently, we detect the new variant, but we are unable to crack the 1024-bit key. Our analysts are continuing to work on both the key and the virus to resolve this issue.

We recommends that all Internet users enable maximum protection from malicious code and network attacks on their computers and refrain from executing suspicious programs received from untrustworthy sources.

Detection of Virus.Win32.Gpcode.ak was added to Shield Deluxe and Security Shield signature databases yesterday, on June 4th, at 15:39 GMT. Please make sure to update if you haven’t already.

Malware beyond Vista and XP (December 3rd, 2009)
Traps on the Internet (December 3rd, 2009)
Mobile Malware Evolution: An Overview, Part 3 (December 3rd, 2009)
“Brazil: a country rich in banking Trojans” (December 3rd, 2009)
Monthly Malware Statistics: October 2009 (December 3rd, 2009)

1 user responded in this post

Subscribe to this post comment rss or trackback url

insurancesitesfind » Blog Archive » Virus.Win32.Gpcode | All about information from internet said in November 3rd, 2008 at 3:05 pm

[...] We have detected a new version of the ‘malicious blackmailer’ Gpcode — Virus.Win32.Gpcode.ak. The new Gpcode variant encrypts files with extensions. Read more [...]