Seems the miscreants behind the GPCode.ak (<-- picture of message user sees, poor English wording and all) malware finally picked up a copy of 'Applied Cryptography' or the 'Handbook of Applied Cryptography' and coded up a version of their malware that didn't suck. And it was promptly pwnd by Kaspersky because of a design flaw in the malware that the authors seemingly didn't think about. :) I'm glad the average miscreant doesn't do design reviews, threat modelling or data-flow diagrams. :)
Anyhoo - it seems that the lack of a native 'secure file delete' function in Windows is a double-edged sword - it can hurt you or help you: https://www.kaspersky.com/news?id=207575654
Now that this is all over the news - I'm sure v.next of this ransomware will "fix the glitch" by zeroing the deleted file or something . . . speaking of which, here's an interesting new feature in Vista / WS2008 that I recently became aware of: https://msdn.microsoft.com/en-us/library/aa964911.aspx
Comments
- Anonymous
January 01, 2003
Recently there has been a lot of talk about the new version of GPCode. The talk was partly due to an initiative by Kaspersky, an initiative that was aimed (at least according to widespread reports) at breaking the RSA key used for encrypting