New Gpcode (encryption) ransomware speading via botnet
August 13, 2008 – 12:43 PMThere are confirmed reports on a new version of the Gpcode ransomware being spread via a botnet.
According to Vitaly Kamluk of Kaspersky Lab (my employer), the Trojan encrypts files on an infected machine (AES-256) and leaves a text file named crypted.txt with a ransom note demanding $10 to decrypt the files. It also changes the desktop wallpaper with a skull/crossbones image that contains a URL, an ICQ number and an e-mail address to contact the author.
You must be logged in to post a comment.