Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security IT

Ransomware Making a Comeback 202

Posted by timothy from the please-send-money dept.
snydeq writes "Ransomware is back. After a hiatus of more than two years, a variant of the GpCode program has again been released, kidnapping victims' data and demanding $120 for its return, InfoWorld reports. 'Like the ransomware programs before it, GpCode encrypts a victim's files and then demands payment for the decryption key. The new version of GpCode — labeled GpCode.AX by security firm Kaspersky — comes with a bit more nastiness than previous attempts. The program overwrites files with the encrypted data, causing total loss of the original data, and uses stronger crypto algorithms — RSA-1024 and AES-256 — to scramble the information.'"
This discussion has been archived. No new comments can be posted.

Ransomware Making a Comeback More

Ransomware Making a Comeback

Comments Filter:

  • Ok, a question or two (Score:5, Interesting)

    by Weaselmancer ( 533834 ) on Friday December 03, 2010 @03:35AM (#34428436)

    The whole point of these malware authors is to ransom data for cash, right?

    How the hell do they get paid? And if that is an answerable question, that brings question number two.

    Why the hell can't the law find them?

    There would be a money trail of some sort. The money has to go from victim to the criminal. That is traceable.

    Isn't this really just a gigantic "kick me" sign?

  • Fixable possibly, but be careful anyway... (Score:5, Interesting)

    by SuperKendall ( 25149 ) on Friday December 03, 2010 @04:04AM (#34428548)

    I'd feel a little better about the proposed solution (let a disk utility recover the partitions) if they had actually tried a disk utility to see if it could in fact find the partitions and restore them. It does seem like it should work... and copying that thing back by hand is not a task I'd take on lightly with anyone's data but my own.

    Also wouldn't the thing that messed up the MBR in the first place still be in your Windows installation? I didn't see that they tried to boot from that drive after repairing the MBR. It could be the ransomware is just waiting for you to reboot and will do something nasty if you've not entered the password. It seems like even after a recovery you should take the drive to a different system and back it up immediately before you tried to boot from it again, but they do not mention that.

  • Re:Backups (Score:5, Interesting)

    by txoof ( 553270 ) on Friday December 03, 2010 @04:11AM (#34428578) Homepage

    Whenever I see family/friends/co-workers using external drives for "backup" I have to repress the urge to launch into a lecture on the absurdity of relying on a local, always mounted backup.

    WesternDigital and all the other purveyors of external hard disks should be ashamed of themselves for promoting their products as a reasonable backup solution. The ONLY kind of calamity that such devices protect you from is accidental deletion or hardware failure. An external drive provides absolutely no protection from any kind of malicious attack or catastrophic disaster (flood, fire, theft). The only real backup solution is an off-site backup. Considering how cheap Amazon S3 [amazon.com] is, off-site backups are finally a real solution for the average person.

    Apple's Time Machine and Fly Back [flyback-project.org] is a step in the right direction, but without a real off-site backup solution kiss your data goodbye, because when it falls into a river of molten rock, man, it's gone.

Slashdot Top Deals

"Gravitation cannot be held responsible for people falling in love." -- Albert Einstein

Close