New kidnapper malware asks for $300 ransom

MicroWorld is a pioneer in Content Security Antivirus Messaging Gateway and Firewall solutions. MicroWorld products offer Real Time antivirus solutions based on MicroWorld Revolutionary Technology.

Mumbai, (PresseBox) - A new ransomware is spreading on the Internet. It encrypts a whole lot of files on your computer and asks you to pay up $300 to give you the decryption code for recovering the data, say Security Experts at MicroWorld Technologies.

The malware comes into computers through Internet downloads and as a part of dubious programs and utilities. Named as ‘GPcode.ai’, the Trojan raises the current user rights to a higher level in order to modify files and to make changes in the Windows registry. GPcode.ai also injects itself into a legitimate Windows process to remain in the memory and avoid detection.

The ransomware then searches for more than 200 file types and encrypts them all! It also tries to send the stolen data to the remote attacker. What the victim of the attack is left with is hordes of garbage files, and a text file that reads as follows:

Hello, your files are encrypted with RSA-4096 algorithm
(http://en.wikipedia.org/...).

You will need at least few years to decrypt these files without our software.

All your private information for last 3 months were collected and sent to us.

To decrypt your files you need to buy our software. The price is $300.

To buy our software please contact us at ------------- and provide us your personal code ----------- . After successful purchase we will send your decrypting tool, and your private information will be deleted from our system.

“The claim about RSA-4096 is a bogus one as the encryption is done with a much simpler technology,” points out Vikas Vishwasrao, Assistant Manager – R&D, MicroWorld Technologies. “But the false claim and the link to the RSA page on Wikipedia is clever Social Engineering, to make you part with your money at the earliest. Like most malware gangs today, the one behind this too is looking for some quick dollars”.

Though a few cases of ransomware infections were reported last year, this is the first such significant incident in 2007. MayArchive.a was one such malware which directed users to buy pharmaceuticals worth $75 from a Russian website at virtual gunpoint. Another one named GpCode.af used an actual RSA algorithm for encrypting files.

Security experts are keeping a close watch on this tribe of malware. CEO of MicroWorld, Govind Rammurthy, says: “While one branch of malware programs is moving towards stealthier varieties and camouflaged techniques, this offshoot is rather a brazen variety which shows that cyber criminals can go to any levels in stealing your money. Surely, it also points to the need of backing up your data regularly and protecting your computer with a proactive, real-time Antivirus solution”.

MicroWorld

MicroWorld Technologies (www.mwti.net) is the developer of highly advanced AntiVirus, Content Security and Firewall software solutions eScan, MailScan, and eConceal. MicroWorld Winsock Layer (MWL) is the revolutionary technology that powers most of MicroWorld products enabling them to achieve several certifications and awards by some of the most prestigious testing bodies, notable among them being Virus Bulletin, Checkmark, TUCOWS, Red Hat Ready and Novell Ready.

For more information, please visit www.mwti.net

MicroWorld Technologies GmbH

"MicroWorld Technologies (www.mwti.net) is the developer of highly advanced AntiVirus, Content Security and Firewall software solutions eScan, MailScan, and eConceal. MicroWorld Winsock Layer (MWL) is the revolutionary technology that powers most of MicroWorld products enabling them to achieve several certifications and awards by some of the most prestigious testing bodies, notable among them being Virus Bulletin, Checkmark, TUCOWS, Red Hat Ready and Novell Ready.

For more information, please visit www.mwti.net"

Press releases you might also be interested in

Weitere Informationen zum Thema "Software":

Service Provider müssen Multi-Cloud-Umgebungen mit Beratung kombinieren

Für Ma­na­ged Ser­vice Pro­vi­der be­deu­tet der Vor­marsch der Hy­per­s­ca­ler wie AWS und Mi­cro­soft, dass sie sich an­ders auf­s­tel­len müs­sen. Mul­ti-Cloud-Um­ge­bun­gen soll­ten mit Be­ra­tung kom­bi­niert wer­den, so Tho­mas Kitz, Di­rec­tor Sa­les Pro­vi­der bei HPE.

Weiterlesen

Subscribe for news

The subscribtion service of the PresseBox informs you about press information of a certain topic by your choice at a choosen time. Please enter your email address to receive the email with the press releases.

An error occurred!

Thank you! You will receive a confirmation email within a few minutes.


I want to subscribe to the gratis press mail and have read and accepted the conditions.