# Kaspersky finds workaround for crypto virus



## Glaswegian (Sep 16, 2005)

Kaspersky Lab has published advice on recovering files encrypted by the frightening Gpcode.ak virus, but there is a big catch – users must not have turned off their PC first.

A new variant of the malware struck last week, scrambling a variety of files on victims’ PCs using a very strong 1,024-bit RSA encryption key that has so far confounded attempts to crack it. Its creators demand a ransom for the unlock key.

While victims of the malware will be grateful to have any method to recover files, this technique is fraught with problems for the non-technical. Ideally, users need to have a second – and therefore clean - computer with which to download a GPL-licensed utility, Photorec, to start the process.

The biggest barrier of all, however, is that users must employ the file recovery utility without having turned off or rebooted their PC after the infection was first noticed, a fact that will probably reduce the number of people able to use the method to low percentages. 


http://www.techworld.com/security/news/index.cfm?RSS&NewsID=101947


----------

