Content deleted Content added
GreenC bot (talk | contribs) Rescued 1 archive link. Wayback Medic 2.5 per WP:URLREQ#symantec.com |
No edit summary |
||
Line 16:
Once it has been run, the trojan embarks on its mission, which is to encrypt, using a digital encryption key, all the files it finds on computer drives with extensions corresponding to those listed in its code. These extensions include .doc, .html, .jpg, .xls, .zip, and .rar.
The blackmail is completed with the trojan dropping a text file in each directory, with instructions to the victim of what to do. An email address is supplied through which users are supposed to request for their files to be released after paying a ransom of $100–200 to an [[e-gold]] or [[Liberty Reserve]] account.<ref>{{cite web|url=http://rump2008.cr.yp.to/6b53f0dad2c752ac2fd7cb80e8714a90.pdf|format=PDF|title=Cryptanalysis of the Gpcode.ak ransomware virus|author=Eran Tromer|author-link=Eran Tromer|accessdate=2008-09-30}}</ref>
== Efforts to combat the trojan ==
| |||