Return of ransomware

Holding data to ransom is nothing new: the AIDS trojan was doing this back in 1990, applying blackmail principles to floppy-disk-spread viruses. If I remember correctly, it demanded $400 to unlock your data after locking it up with a particularly weak symmetric cipher. Weak and easy to break, too, was the encryption in the case the BBC reported in 2006 of a Manchester woman who found her data encrypted and a blackmail threat on her PC: Archiveus had encrypted her My Documents folder and left a note instructing her to buy several pharmaceutical drugs from a Russian-based internet chemist to trigger the key retrieval process. A local IT expert recovered most of her files without paying the ransom.

Gpcode, seen mostly in Russia around the same time, has been the most troublesome of the blackmail trojans. It started out with 260-bit RSA encryption, much stronger than anything seen before, then very quickly moved up to 330-bit and then 660-bit. Its author had one simple demand: pay me money for a decoder application. That was the plan at any rate, but Kaspersky Labs’ analysts broke the 330-bit key in the Gpcode.af variant using some pretty serious computing power in just ten hours. The very next day, Gpcode.ag appeared with a 660-bit key, and Kaspersky managed to crack that too, thanks to errors in the encryption code that allowed the researchers to reverse-engineer the key. The Gpcode author then gave up and the trojan vanished, or so we thought until now.

Unfortunately, Gpcode is back. Using the Microsoft Enhanced Cryptographic Provider version 1.0 built into Windows, it encrypts files with the RC4 algorithm, and the RC4 key is then encrypted with a 1,024-bit RSA public key carried in the body of the virus itself. It would appear that the author, assuming it’s the same person, has spent those two years tweaking the code to thwart the security response teams. This time around neither Kaspersky nor any other antivirus research outfit has managed to find any coding errors, so the key cannot be broken in a day. In fact, the key can’t be broken at all.

To put that into perspective, Kaspersky estimates that cracking a 1,024-bit RSA key would take something like 15 million computers running flat out for a year, which is why it’s calling on researchers, cryptographers, boffins, academic labs and secret squirrel types to put their grey matter and beige boxes together for the common good by trying to crack the Gpcode.ak variant’s encryption. In fact, anyone who might have the kind of brainpower and hardware to give it a go is welcome. In case that describes you, here is the public encryption key that Gpcode uses on Windows XP and higher. This information should, Kaspersky insists, be enough to at least start factoring the key:

Key type: RSA KeyExchange
bitlength: 1024
RSA exponent: 0x00010001 (65537)
RSA modulus:
c0c21d693223d68fb573c5318982595799d2d295ed37da38be41ac8486ef900a
ee78b4729668fc920ee15fe0b587d1b61894d1ee15f5793c18e2d2c8cc64b053
9e01d088e41e0eafd85055b6f55d232749ef48cfe6fe905011c197e4ac6498c0
e60567819eab1471cfa4f2f4a27e3275b62d4d1bf0c79c66546782b81e93f85d
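As an added example (not Kaspersky’s tooling and not part of the original article), here is the first pass a researcher answering that call would make in Python: parse the modulus printed above, confirm it is an odd 1,024-bit number, and run the two cheap checks that have broken badly generated RSA keys in the past, trial division for a small prime factor and Fermat’s method for primes chosen too close together. The weak moduli used to exercise those checks are constructed for the demonstration; the only real key material is the Gpcode.ak modulus and exponent from the article.

```python
import math
from typing import Optional, Tuple

# Gpcode.ak public key as printed in the article above (big-endian hex).
GPCODE_AK_MODULUS_HEX = (
    "c0c21d693223d68fb573c5318982595799d2d295ed37da38be41ac8486ef900a"
    "ee78b4729668fc920ee15fe0b587d1b61894d1ee15f5793c18e2d2c8cc64b053"
    "9e01d088e41e0eafd85055b6f55d232749ef48cfe6fe905011c197e4ac6498c0"
    "e60567819eab1471cfa4f2f4a27e3275b62d4d1bf0c79c66546782b81e93f85d"
)
GPCODE_AK_EXPONENT = 0x00010001  # 65537, as listed above


def parse_modulus(hex_str: str) -> int:
    """Turn the published hex dump into an integer and reject an obviously bad transcription."""
    n = int(hex_str, 16)
    if n % 2 == 0:
        # A product of two odd primes is odd; an even value means wrong byte order or a typo.
        raise ValueError("modulus is even: byte order or transcription is wrong")
    return n


def small_factor(n: int, bound: int = 100_000) -> Optional[int]:
    """Trial division: catches a modulus whose generator picked a tiny prime."""
    for d in range(3, bound, 2):
        if n % d == 0:
            return d
    return None


def fermat_factor(n: int, rounds: int = 100_000) -> Optional[Tuple[int, int]]:
    """Fermat's method: splits n within a few steps when p and q lie close together."""
    a = math.isqrt(n)
    if a * a < n:
        a += 1                      # start at ceil(sqrt(n))
    for _ in range(rounds):
        b2 = a * a - n
        b = math.isqrt(b2)
        if b * b == b2:
            return (a - b, a + b)   # n = (a - b) * (a + b)
        a += 1
    return None                     # p and q are not close: no cheap split


def assess(n: int) -> dict:
    """Run the cheap checks; None everywhere means only full-scale factoring remains."""
    return {"bits": n.bit_length(), "small_factor": small_factor(n), "fermat": fermat_factor(n)}


if __name__ == "__main__":
    print(assess(parse_modulus(GPCODE_AK_MODULUS_HEX)))
```

On the real key both checks come back empty, which is exactly why Kaspersky’s estimate runs to millions of machine-years rather than the ten hours the 330-bit key needed.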

Okay, we know what ransomware is, we know what it does, and we even know why. What we don’t know is who. The evidence has always pointed East, and there have been plenty of clues in previous campaigns that suggest Russian gangs have a hand in this. The clues include targeting Russia first, using Yandex for payments (a Russian portal that includes a PayPal-like payment system), and the fact that the original Gpcode left a trace behind in a text file – in Russian.
