Booz, Allen and Hamilton hit by cyber blackmail

Those of you who know what Booz, Allen and Hamilton do may be a little disturbed at this occurence;

According to PrevX atleast three IP adresses belonging to Booz Allen in the Washington DC area are affected by Virus.Win32.Gpcode.ai

a wonderful(sarc.) little piece of malware that encrypts your data(not with RSA-4096 though) and supposedly uploads it to the authors server.

Hello, your files are encrypted with RSA-4096 algorithm (http://en.wikipedia.org/wiki/RSA).

You will need at least few years to decrypt these files without our software. All your private information for last 3 months were collected and sent to us.

To decrypt your files you need to buy our software. The price is $300.

To buy our software please contact us at: tristanniglam@gmail.com and provide us your personal code -1755024102. After successful purchase we will send your decrypting tool, and your private information will be deleted from our system.

If you will not contact us until 07/15/2007 your private information will be shared and you will lost all your data.

Glamorous team

There is a removal tool available from PrevX but that is not the main issue, the fact is that with Booz Allen's fingers being in every pot in DC who knows what information will get out...

Some related links of interest:
Ransomware... Holding Corporate America Ransom! - PrevX
Blackmailer – the return of Gpcode - Kaspersky
Users comments @ NetworkWorld

No comments: