New Version of gpcode Ransomware

Kaspersky Lab reports that is has seen a new variant of the gpcode ransomware. Gpcode.ak is an encryptor-virus which uses 1,024 bit encryption to lock down all data on an infected hard drive. The infected machine then shows this popup:

Translation – if you get infected, you are, um… in trouble. Kaspersky has cracked previous variants of this virus in a relatively short period of time. However, this encryption is twice as strong as previous versions, so don’t hold your breath waiting for it to be cracked.

Ransomware is not a new phenomenon, but this one is the worst threat to date. As we have warned before, BE VERY CAREFUL WHEN OPENING E-MAIL ATTACHMENTS. Especially .doc, .txt, .pdf, .xls, .jpg, .png, .cpp, .h. Kaspersky also has some guidelines to follow if you do become infected by gpcode.ak:

Contact Kaspersky Lab using another computer connected to the Internet. DO NOT RESTART or POWER DOWN the potentially infected machine.

Write to Kaspersky at: stopgpcode@kaspersky.com with the following information included in the email:

* Date & Time of infection
* Everything done on the computer in the 5 minutes before the machine was infected, including:
o Programs executed
o Websites visited

Kaspersky will then try to help.

Make sure you have a strong anti-malware program running and that you keep it up-to-date (ie. daily). Do not turn if off because it makes your computer run slow and do not run more than 1 anti-virus program on any one machine.