Next-gen ransomware could be uncrackable

Hackers could make ransomware so complex that it will be beyond the decryption capabilities of the antivirus industry, new research has claimed.

A study by Kaspersky Lab warned that authors of ransomware are pushing the boundaries of modern cryptography by using evermore sophisticated encryption algorithms.

Ransomware involves the use of malicious code to hijack user files, encrypt the information and then demand payment in exchange for the decryption key.

The first piece of ransomware to use a sophisticated encryption algorithm, Gpcode.ac, was detected in January and used the RSA algorithm to create a 56-bit key.

Since then, the author of Gpcode has released several increasingly complex variants of the virus and in June released Gpcode.ag, which used a 660-bit key.

"We were able to decrypt 330-bit and 660-bit keys within a reasonably short space of time, but a new variant with a longer key could appear at any time," said Aleks Gostev, senior virus analyst at Kaspersky Lab.

"If RSA, or any other similar algorithm which uses a public key, were to be used in a new virus, antivirus companies might find themselves powerless even if maximum computing power was applied to decrypting the key.

"Unfortunately, the authors behind the Gpcode, Cryzip and Krotten ransomware are still free. But even if they are arrested, there is nothing to prevent other malicious users from implementing such techniques in order to make money.

"In the meantime, antivirus companies have to continue working on proactive protection which will make it impossible for malicious users to encrypt or archive users' data."