Return of ransomware

Holding data to ransom is nothing new: the AIDS trojan was doing this back in 1990, applying blackmail principles to floppy-disk-spread viruses. If I remember correctly, it demanded $400 to unlock your data after locking it up using a particularly weak symmetric cipher. Just as weak and easy to break was the case the BBC reported in 2006 of a Manchester woman who found her data encrypted and a blackmail threat on her PC – Archiveus left her My Documents folder encrypted, along with a note instructing her to buy several pharmaceutical drugs from a Russian-based internet chemist to trigger the key retrieval process. A local IT expert recovered most of her files without paying the ransom.


Gpcode, seen mostly in Russia around the same time, has been the most troublesome of the blackmail trojans. It started out with 260-bit RSA encryption – much stronger than anything seen before – then very quickly moved up to 330-bit and then 660-bit. Its author had one simple demand: pay me money for a decoder application. That was the plan at any rate, but Kaspersky Labs’ analysts broke the 330-bit key in that variant in just ten hours using some pretty serious computing power. The very next day a version with a 660-bit key appeared, and Kaspersky managed to crack that too, thanks to errors in the encryption code that allowed the researchers to reverse-engineer the key. The Gpcode author then gave up and the trojan vanished, or so we thought until now.

Unfortunately, Gpcode is back. Using the Microsoft Enhanced Cryptographic Provider version 1.0 built into the Windows OS, it encrypts files with the RC4 algorithm, and the RC4 key itself is then encrypted with a 1,024-bit RSA public key carried in the body of the virus. It would appear that the author, assuming it’s the same person, has spent those two years tweaking the code to thwart the security response teams. This time around neither Kaspersky nor any other antivirus research outfit has managed to find any coding errors, so the key cannot be broken in a day. In practical terms, the key can’t be broken at all.

To put that into perspective, to crack an RSA 1,024-bit key Kaspersky estimates it would take something like 15 million computers running flat out for a year to succeed, which is why it’s calling on researchers, cryptographers, boffins, academic labs and secret squirrel types to put their grey matter and beige boxes together for the common good by trying to crack the Gpcode.ak variation encryption. In fact, anyone who might have the kind of brainpower and hardware to give it a go is welcome. In case that describes you, here are the public encryption keys used by the authors of Gpcode in Windows XP and higher. This information should, Kaspersky insists, be enough to at least start factoring the key:

Key type: RSA KeyExchange
Bit length: 1024
RSA exponent: 0x00010001 (65537)
RSA modulus:
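A defender who wants to pull that public key out of a sample for reporting, as the listing above implies Kaspersky did, has to decode the CryptoAPI PUBLICKEYBLOB layout the Microsoft Enhanced Cryptographic Provider uses (an 8-byte BLOBHEADER, an RSAPUBKEY header with the "RSA1" magic, then the modulus in little-endian byte order). The following Python is an added example, not Kaspersky's or the article's code; the sample buffer and its modulus are constructed for the demonstration and are not the Gpcode key.

```python
import struct

# CryptoAPI constants as defined in wincrypt.h
PUBLICKEYBLOB = 0x06
CUR_BLOB_VERSION = 0x02
CALG_RSA_KEYX = 0x0000A400      # reported by CryptoAPI as "RSA KeyExchange"
CALG_RSA_SIGN = 0x00002400
RSA1_MAGIC = 0x31415352         # the bytes b"RSA1" read as a little-endian DWORD
ALG_NAMES = {CALG_RSA_KEYX: "RSA KeyExchange", CALG_RSA_SIGN: "RSA Signature"}

def parse_publickeyblob(data, offset=0):
    """Decode BLOBHEADER + RSAPUBKEY + modulus at `offset`; None if malformed."""
    hdr = data[offset:offset + 20]
    if len(hdr) < 20:
        return None
    btype, bver, _res, alg, magic, bitlen, pubexp = struct.unpack("<BBHIIII", hdr)
    if btype != PUBLICKEYBLOB or bver != CUR_BLOB_VERSION or alg not in ALG_NAMES:
        return None
    if magic != RSA1_MAGIC or bitlen % 8 or not 512 <= bitlen <= 16384:
        return None
    mod_bytes = data[offset + 20:offset + 20 + bitlen // 8]
    if len(mod_bytes) != bitlen // 8:
        return None          # truncated blob: modulus does not match declared size
    return {"key_type": ALG_NAMES[alg], "bitlength": bitlen, "exponent": pubexp,
            "modulus": int.from_bytes(mod_bytes, "little")}

def find_publickeyblobs(buf):
    """Scan an arbitrary buffer (e.g. a dumped executable) for embedded RSA
    public key blobs; returns a list of (offset, key) for every one that parses."""
    found, pos = [], 0
    while (pos := buf.find(b"RSA1", pos)) >= 0:   # magic sits 8 bytes past BLOBHEADER
        if pos >= 8:
            key = parse_publickeyblob(buf, pos - 8)
            if key:
                found.append((pos - 8, key))
        pos += 1
    return found

def build_publickeyblob(modulus, exponent=65537, alg=CALG_RSA_KEYX):
    """Serialise a public key as a PUBLICKEYBLOB (used here only to build test input)."""
    bitlen = modulus.bit_length() + (-modulus.bit_length()) % 8
    return (struct.pack("<BBHIIII", PUBLICKEYBLOB, CUR_BLOB_VERSION, 0, alg,
                        RSA1_MAGIC, bitlen, exponent)
            + modulus.to_bytes(bitlen // 8, "little"))

# Constructed sample: a made-up 1024-bit odd modulus (NOT the Gpcode key), padded with junk
SAMPLE_MODULUS = (1 << 1023) | 0xC0FFEE0DD
SAMPLE_BUFFER = b"\x90" * 37 + build_publickeyblob(SAMPLE_MODULUS) + b"\x00" * 16

if __name__ == "__main__":
    for off, key in find_publickeyblobs(SAMPLE_BUFFER):
        print(f"offset {off}: {key['key_type']}, {key['bitlength']}-bit, e={key['exponent']:#010x}")
```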

Okay, we know what ransomware is, we know what it does, and we even know why. What we don’t know is who. The evidence has always pointed East, and there have been plenty of clues in previous campaigns that suggest Russian gangs have a hand in this. The clues include targeting Russia first, using Yandex for payments (a Russian portal that includes a PayPal-like payment system), and the fact that the original Gpcode left a trace behind in a text file – in Russian.
