Virus Holds Computer Files 'Hostage' for $200
dwayner79 sent in a story about a new virus making the rounds; this one is unique because it locks your files and then demands a $200 ransom to get them back. It seems to me that this might leave some sort of traceable money trail. They don't have much information on any particular transmission mechanism, they just talk about web pages giving it up.
Must be a real moron (Score:5, Informative)
Some files are coded.
To buy decoder mail: n781567@yahoo.com
with subject: PGPcoder 000000000032
Not Possible (Score:1, Informative)
Re:a fix (Score:3, Informative)
That is what is particularly scary about this. What if the hacker went offline? Even if you are willing to pay the money, you can't get to the files. They are as good as deleted.
Re:I call hoax (Score:2, Informative)
"Malicious Cryptography: Exposing Cryptovirology" (Score:4, Informative)
I'd highly recommend the book (no, I don't know that author).
Re:It won't get a penny from me... (Score:5, Informative)
Generate random key, encrypt data with it (symmetric),
encrypt that key with public one (stored in virus itself), destroy random key, give victim encrypted key.
Victim sends encrypted key to author, he decrypts it using his private key and sends it back.
Re:Finally! (Score:2, Informative)
I expected some funky game involving lemon juice and pie
Now I know as well.
This is even more gross than goatse, parrot or tubgirl! As a matter of fact I'm taking the rest of the day off, avoiding elderly people, to make sure my mind can recover.
Fellow
I won't be able to get the image I just googled out of my memory next time someone mentions a lemon.
Re:I call hoax (Score:5, Informative)
Re:Finally! (Score:1, Informative)
http://www.encyclopediadramatica.com/index.php/Le
Re:This could be good (Score:3, Informative)
Do you really think a virus is going to take spyware hostage and then demand $200 for the key to unencrypt it? I don't know about you, but even if it did, I sure wouldn't be happy with this kind of virus on my computer.
Plus the article mentions this particular infection affected only "at least fifteen types of data," most of which were presumably important to the user, like spreadsheets and the like. But again, even if it did encrypt malware ... I don't see how it could be a good thing. Let's introduce them to Ad-Aware, Spybot, etc. instead, and safe browsing habits--the lack of which probably allowed both this virus and the malware on the computer in the first place.
The AIDS Trojan already tried this trick (Score:2, Informative)
http://www.claws-and-paws.com/virus/papers/histor
Re:Must be a real moron (Score:3, Informative)
Re:I call hoax (Score:5, Informative)
Re:Finally! (Score:5, Informative)
There is a thumbnail!
Re:a fix (Score:4, Informative)
so it's already been either bruteforced or cracked. My hunch is that an encryption program carried in a virus would be rather simplistic.
Re:a fix (Score:3, Informative)
-Joe
Joe Stewart, GCIH
Senior Security Researcher
LURHQ http://www.lurhq.com/ [lurhq.com]
Re:Wow (Score:5, Informative)
-Joe
--
Joe Stewart, GCIH
Senior Security Researcher
LURHQ http://www.lurhq.com/ [lurhq.com]
Re:Crypto Question (Score:5, Informative)
If you have just two files it's still extremely hard... you need something like 2^23 files to do it in a reasonable amount of time (assuming RSA+IDEA).
This post is incorrect. Probably a semi-subtle troll rather than an honest error.
Neither RSA nor IDEA is vulnerable to a known-plaintext attack. In fact, any cipher that is vulnerable to such an attack is considered completely insecure, especially if only 2^23 "files" are needed.
If you get to choose the contents of one of the files it's only about 2^17.
Neither RSA nor IDEA is vulnerable to a chosen-plaintext attack. There were some chosen-plaintext attacks against RSA a few years back (mid 90s), but proper padding eliminates them. And far more than 2^17 trials were required for typical key sizes. Again, no cipher that was vulnerable to such an attack would be considered secure.
Obviously, if the keys are larger, it will take exponentially longer.
Larger than what? Are you assuming extremely small key sizes in order to achieve the numbers above? Actually, you don't get to pick the size of an IDEA key, because IDEA keys are 128 bits. Though you can arbitrarily fix key bits to produce a smaller effective key, there's no reason why the virus writer would want to do that.
Re:reminds me of the 'jackpot' virus (Score:3, Informative)
Screenshots [virusexperts.com]
Re:An old remake, using the Net this time, and $$$ (Score:3, Informative)
This was the classic example as to why blindly running "fdisk
Re:It won't get a penny from me... (Score:2, Informative)
Re:This makes me wonder... (Score:3, Informative)