Book Reviews, News Articles, and Press Releases

Ted Bridis, an AP technology writer, wrote an article entitled Hackers Holding Computer Files 'Hostage' dated Tues. May 24, 2005. The article indicates that a malware infection has occurred in which files are encrypted and held for ransom. The company Websense Inc. is cited as having analyzed it. The analysis on their website contains screenshots containing the text "PGPcoder" and indicates that payment is expected via an e-gold account. F-Secure refers to this Trojan as Gpcode (it has also been referred to as "ransomware"). An analysis by F-Secure indicates that this Trojan uses a trivially breakable encryption method. So the evidence strongly suggests that PGPcoder is not a cryptotrojan.

Joris Evers, a Staff Writer for CNET, wrote an article entitled Miscreants encrypt files, hold them for ransom that is dated May 24, 2005. This article indicates that the PGPcoder trojan victimized a Websense customer two weeks prior and that the trojan targets 15 common file types. The article references "Trojan.Pgpcoder", the name that was assigned to the Trojan by Symantec. One of the types of files that are encoded is files having the extension .pgp. This could be the reason for the name "PGPcoder".

Roberto Giménez wrote an article entitled Ojito con los virus that discusses the PGPcoder Trojan. The article is dated May 31, 2005 and appears in "Todo Pocket PC". It discusses the extortion attempt and says that the book "Malicious Cryptography" is a must have for those interested in the subject.

Ed Tittel and Kim Lindros reviewed "Malicious Cryptography" in their article entitled "The Computer Security Bookshelf, Part 2". The article was last revised in December, 2004 and is provided courtesy of Que.

Major Keary wrote a book review for PC Update Online!, the magazine of the Melbourne PC User Group. It is dated October, 2004 and is entitled "Exposing Cryptovirology"

Claire Whelan wrote a review for The Times Higher Education Supplement, dated Oct. 8, 2004. It is entitled "It takes a cryptovirus to fight one."

Tony Bradley, CISSP wrote a review entitled "Book Review: Malicious Cryptography" for It appeared in the Internet/Network Security section on May 6, 2004.

Ellen Messmer wrote a book review for the Security Notes section of Network World Fusion entitled "Confessions of a Cryptovirus Fiend." The article is dated April 12, 2004. (See also her brief synopsis)

Lawrence M. Walsh wrote an article for Information Security Magazine entitled "Crypto Hazard---Could cryptography be the next destructive malware payload?" It is the March 2005 issue of the magazine.

W*USA 9 News ran a story called "Download Danger" on Feb. 28, 2004. The report discusses the threat of cryptoviruses (W*USA & Gannett Co., Inc. 4100 Wisconsin Ave NW, Wash. DC). The reporter is Bruce Leshan.

Charles Hornat wrote a review for the recommended reading section of "Infosec Writers." This Information Security Writers Group (Infosec Writers) article is dated May 26, 2004. (On the hyperlink, click on the underlined hyperlink for "Full review").

A very high level review of "Malicious Cryptography" appears on page 430 of the Computer Law & Security Report, 1st September 2004 (vol. 20, issue 5). The article is entitled "Cryptography: Malicious Cryptography – Exposing Cryptovirology - BOOK REVIEW" and it can be accessed at

An interesting news article appeared in the South China Morning Post on April 27, 2004. It is entitled "Cryptoviruses may be next to wreak havoc."

An article that appeared on July 3, 2001 discusses cryptoviruses. It appeared in Wired News. and is entitled "Most Hacking Hides Real Threats". The author of the article is Steve Kettman.

Cigital, Inc. produced a Press Release regarding the book dated December 15, 2003. It is entitled "Cigital Research Scientist Adam Young, Ph.D. Co-authors Book on Malicious Cryptography" and was written by Steve Goodwin.

A BBC News article by David Jamieson entitled "Click Crypto" from Sept. 28, 2001 discusses kleptography.

The Dutch article Nederlandse tapkamers niet kosjer (translation: "Dutch tapping room not kosher") by Paul Wouters and Patrick Smits appeared in c't (magazine voor computer techniek) 2003-01. It discusses kleptography.

Rob Dijkshoorn wrote a book review entitled "Boekrecensie Malicious Cryptography: Exposing Cryptovirology" on June 30, 2004 for (the Netherlands).

An article written by Clive Thompson appeared in New York Times Magazine and it discusses extortion using cryptoviruses. It is entitled "The Virus Underground" and it was published on Sunday February 8, 2004.

Paul Hudson wrote a book review entitled "Malicious Cryptography" for Linux Format Magazine. It appeared on page 35 of issue 56. It is the August 2004 issue that is entitled "Fedora Uncovered."

The book "Malicious Cryptography" was discussed in the October 2004 issue of Cryptologia (volume XXVIII, no. 4). It appeared on page 373 in the section on "Reviews and Things Cryptologic". The author of the article is Louis Kruh.