Freeware un-delete software pwns fancy schmancy 1024 bit encrypting malware?


Seems the miscreants behind the GPCode.ak (picture of message user sees, poor English wording and all) malware finally picked up a copy of ‘Applied Cryptography’ or the ‘Handbook of Applied Cryptography’ and coded up a version of their malware that didn’t suck. And it was promptly pwnd by Kaspersky because of a design flaw in the malware that the authors seemingly didn’t think about. 🙂 I’m glad the average miscreant doesn’t do design reviews, threat modelling or data-flow diagrams. 🙂


Anyhoo – it seems that the lack of a native ‘secure file delete’ function in Windows is a double-edged sword – it can hurt you or help you: http://www.kaspersky.com/news?id=207575654


Now that this is all over the news – I’m sure v.next of this ransomware will “fix the glitch” by zeroing the deleted file or something ... speaking of which, here’s an interesting new feature in Vista / WS2008 that I recently became aware of: http://msdn.microsoft.com/en-us/library/aa964911.aspx


Comments (1)

  1. Anonymous says:

    Lately there has been a lot of buzz about the new version of GPCode. The buzz was partly due to an initiative by Kaspersky, which (at least according to widespread reports) was aimed at breaking the RSA key used for encrypting