Has a cryptoviral extortion attack ever occurred?
It does not appear that a properly designed cryptoviral extortion attack has ever been carried out to date. Ted Bridis wrote an Associated Press article entitled “Hackers Holding Computer Files ‘Hostage’”, dated Tues. May 24, 2005. This article states that researchers at Websense Inc. identified a malware infection in which people’s files are encrypted and held for ransom. Symantec has named this malware Trojan.Pgpcoder. F-Secure analyzed the Trojan (F-Secure Corporation, Technical Details: Alexey Podrezov, http://www.f-secure.com/v-descs/gpcode.shtml, May 27-28, 2005) and refers to it as Gpcode. The analysis by F-Secure indicates that this Trojan uses a trivially breakable encryption method. They state that F-Secure Anti-Virus detects the Trojan and repairs the files that it encodes. This is in line with the Associated Press article, which states that the victim’s files were repaired without paying the ransom. Bridis referred to this as the “latest threat to computer users” and that it