After nearly two years a variant of the GpCode program has again been released, kidnapping victims' data and demanding $120 for its return.
GpCode encrypts a victim's files and then demands payment for the decryption key. The new version dubbed GpCode.AX by security firm Kaspersky overwrites files with the encrypted data, causing total loss of the original data, and uses stronger crypto algorithms -- RSA-1024 and AES-256to scramble the information.
Even if you pay up the chances of getting your data back are very low, Kaspersky, writes in a blog post. The last known revision of the GpCode program came two years ago. At the time, the author claimed that the scheme paid well.
However it is effectively defeated by making frequent backups and train users to restore data if you're ever faced with a ransomeware threat. Kaspersky's said that victims that get a notice that their data has been encrypted should immediately pull the plug on their PC.
He said that turning the computer off may save a significant amount of your valuable data.