Once this Trojan successfully enters the PC, it will immediately encrypt the file. Total Gpcode can be encoded to 143 different file types such as .bak, .doc, .jpg, .pdf . The files after being encrypted will be added with the word '_CRYPT' in the name and the original will be cancel. Not only that, the Trojan after completing the mission also "committed suicide" to avoid being detected.
After that, the ransom message will be displayed on the PC screen. ' Your data files have been encrypted using RSA 1024-bit algorithm.To recover, you need to buy decoding software.Please contact us via email xxxx@yahoo.com, to buy this software '.
The Trojan was discovered by Kaspersky shortly after it began to spread not long. However, this security firm has not been able to break the encryption algorithm used by Gpcode. Notably, the encryption key used by Gpcode is created with the built-in Enhanced Cryptographic Provider tool in Microsoft Windows operating system.
' We cannot solve encrypted files.1024-bit RSA is an extremely powerful encryption algorithm, which is difficult to break.We only have a public key, not a private key, so we can't decrypt encrypted files . '
Kaspersky called for support to kill the extortion kidnapping code Picture 1 Finally, Kaspersky had to call for help from the community. ' This is really a huge challenge.We estimate that it takes about 15 million high-end PCs to operate continuously for about a year to be able to break this 1024-bit security key , 'said Aleks Gostev, Kaspersky's leading malicious analyst. know.
' That's why we call upon you - encryption experts, scientific organizations, government organizations, security firms, security researchers . - let's join us to fight. head with Gpcode '.
Since Gpcode has appeared so far it has been continually improved by hackers and is constantly applying new encryption techniques. Two years ago, Gpcode applied the 660-bit encryption key, but Kaspersky was lucky enough to break this lock because the Gpcode programmer was not careful in applying encryption algorithms.
Gpcode once again appeared late last summer with the claimed encryption mechanism up to 4096-bit RSA.