Comments: The Crypto Wars are On/Off/On/Off...


'PGPCoder.A' will kidnap computer archives and demand a ransom for them.

SERVIMEDIA MADRID. - The inventiveness to create viruses and to carry out criminal activities with them seems to have no limits, as demonstrated by the recent appearance of a new trojan that encrypts archives of the infected computer and later asks for a ransom of 200 dollars so that they can be released. According to PandaLabs, the malicious code 'Trj.PGPCoder.A' is a trojan, since it has no capacity to propagate on its own, although its "modus operandi" represents a new strategy, little used to date, which already has the FBI on alert. Once installed in the computer, the code creates two keys in the registry: one to ensure its completion at each system startup, and a second to take control of processes in the infected computer, counting the number of files that the trojan has analyzed. Once executed, the virus carries out its mission, which is to codify, by means of a digital coding key, all the archives that it finds in the drives of the computer and which have one of the extensions registered in its code, among which are 'DOC', 'HTML', 'JPG', 'XLS', 'ZIP' and 'RAR', all of them very common formats. In order to carry out the blackmail, the trojan deposits a text file within each directory, indicating the action that has been carried out and providing an email address where one can ask for the "rescue" of the documents, upon prior payment of an amount of money, 200 dollars.

Posted by Hasan at May 25, 2005 11:10 AM

There is nothing new about a computer virus which encrypts your hard disk using strong encryption. How about this 1993 vintage one?

KOH (King of Hearts / Potassium Hydroxide)

The source code was published by Dr. Mark Ludwig in "The Giant Black Book of Computer Viruses".

Posted by Watching Them, Watching Us at May 25, 2005 01:53 PM