Don’t be a victim

09 Jun 2008

minute read

Authors

Alisa Shevchenko

The whole new Gpcode outbreak has set me thinking about attackers and victims in general. Yes, decrypting the key used by the new Gpcode is a thorny problem and there’s no guarantee of success. So I’d like to remind everyone that common sense is as improtant as good technology.

Passivity on the part of victims gives cyber-attackers free rein. If you’ve lost your data to Gpcode and are desperate to recover it…even if you give in and rush to purchase an egold account, you can still help stop whoever’s behind this. Don’t just send the PIN code to the blackmailers. Send a copy to the support service of the e-payment system you are using. This will help the investigators track the criminal. And tracking the criminal means s/he might even be caught red-handed.

On the other hand, victims failing to take any action guarantees that the criminal will never be caught – which means there will be new victims – or the same victims will suffer again…and again…and again.

Final thought – I hope that a fourth post on this subject isn’t misleading anyone. There is no Gpcode epidemic; we’ve seen a limited number of infections to date.

However, technical threats aside, it’s user awareness that continues to be a global issue. Stop being a victim, back up your data and take my comments above in context of Gpcode’s history. And then review your own information security in this context as well.

Authors

Alisa Shevchenko

Don’t be a victim

Latest Posts

Latest Webinars

Reports

We continue to report on the APT group ToddyCat. This time, we’ll talk about traffic tunneling, constant access to a target infrastructure and data extraction from hosts.

New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and CR4T backdoor in C and Go.

In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.

Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups.

Don’t be a victim

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

Rootkit evolution

The evolution of technologies used to detect malicious code

The evolution of self-defense technologies in malware

Malicious hackers or careless users?

Vista vs. Viruses

How much security is enough?

TOP 10 unattributed APT mysteries

The future of cyberconflicts

Researchers call for a determined path to cybersecurity

What does it take to become a good reverse engineer?

Latest Posts

SoumniBot: the new Android banker’s unique techniques

Using the LockBit builder to generate targeted ransomware

XZ backdoor story – Initial analysis

DinodasRAT Linux implant targeting entities worldwide

Latest Webinars

The Future of AI in cybersecurity: what to expect in 2024

Responding to a data breach: a step-by-step guide

2024 Advanced persistent threat predictions

Overview of modern car compromise techniques and methods of protection

Reports

ToddyCat is making holes in your infrastructure

DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware

HrServ – Previously unknown web shell used in APT attack

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

Subscribe to our weekly e-mails