Freeware un-delete software pwns fancy schmancy 1024-bit encrypting malware?

Seems the miscreants behind the GPCode.ak (<-- picture of message user sees, poor English wording and all) malware finally picked up a copy of 'Applied Cryptography' or the 'Handbook of Applied Cryptography' and coded up a version of their malware that didn't suck.  And it was promptly pwnd by Kaspersky because of a design flaw in the malware that the authors seemingly didn't think about. 🙂  I'm glad the average miscreant doesn't do design reviews, threat modelling or data-flow diagrams. 🙂

Anyhoo - it seems that the lack of a native 'secure file delete' function in Windows is a double-edged sword - it can hurt you or help you:

Now that this is all over the news - I'm sure of this ransomware will "fix the glitch" by zero'ing the deleted file or something . . . speaking of which here's an interesting new feature in Vista / WS2008 that I recently became aware of:

Comments (1)

  1. Anonymous says:

    Lately there has been a lot of buzz about the new version of GPCode. The buzz was partly due to an initiative by Kaspersky, an initiative that was aimed (at least according to widespread reports) at breaking the RSA key used for encrypting
