More ransomware scams floating about
Apr. 14th, 2011 11:53 am
This latest one pops up a Microsoft-looking Windows 7 page on your computer and claims to have locked your Windows license key. Calls to the number to unlock it are routed internationally, you're put on hold, and you rack up a substantial phone bill. F-Secure found that 1351236 will unlock the system, but no guarantees. Your best bet is probably an OS reinstall.
Another thing mentioned in the article is an encryption ransomware scam if you happen to catch a vicious piece of nastiness called GPCode:
"GPcode creates a randomly generated 256-bit AES key on each infected system, which it uses to encrypt a number of files including all .doc, .rtf, Excel and PDF files.
It in turn encrypts the AES key using the fraudsters' public RSA key and saves only the encrypted version to the infected system. Consequently, the only way of restoring the system is to use the fraudsters' secret key. The encryption technique used is almost uncrackable and reverse engineering the malware is also fruitless. As Kaspersky's Nicolas Brulez notes in his analysis of GPcode, the only hope is a recent backup. Users who decide to play the blackmailers' game and pay up run the risk of losing their money and still not being able to access their data."
So, like voting in Chicago, back up early and often!
http://www.h-online.com/security/news/item/Ransomware-claims-to-lock-Windows-licence-1226789.html