Freeware un-delete software pwns fancy schmancy 1024-bit encrypting malware?

Seems the miscreants behind the GPCode.ak (<-- picture of message user sees, poor English wording and all) malware finally picked up a copy of 'Applied Cryptography' or the 'Handbook of Applied Cryptography' and coded up a version of their malware that didn't suck.  And it was promptly pwnd by Kaspersky because of a design flaw in the malware that the authors seemingly didn't think about. :)  I'm glad the average miscreant doesn't do design reviews, threat modelling or data-flow diagrams. :)

Anyhoo - it seems that the lack of a native 'secure file delete' function in Windows is a double-edged sword - it can hurt you or help you: https://www.kaspersky.com/news?id=207575654

Now that this is all over the news - I'm sure v.next of this ransomware will "fix the glitch" by zero'ing the deleted file or something . . . speaking of which here's an interesting new feature in Vista / WS2008 that I recently became aware of: https://msdn.microsoft.com/en-us/library/aa964911.aspx

Comments

  • Anonymous
    January 01, 2003
    Recently there has been a lot of talk about the new version of GPCode. The talk was partly due to an initiative by Kaspersky, an initiative that was aimed (at least according to widespread reports) at breaking the RSA key used for encrypting