New Trojan Encrypts System- Demands Ransom
This is by no means a threat, however, it is noted here as an interesting tactic by cyber-criminals. This exploit creates a denial of service attack against the end user by locking him out of his own computer and demands a ransom to unlock the system.
This is not a threat because it can only work for about the first 4 hours of life before cyber law-enforcement units either shutdown the site or account that demands payment, or if the criminals are really dumb, the law enforcement teams may even catch the criminals.
From the AFP here:
WASHINGTON (AFP) – In the equivalent of a
holdupkidnapping in cyberspace, a new computer bug locks up a user’s file with encryption and demands a 300-dollar “ransom,” security experts say.The so-called “ransomware” Trojan was discovered Saturday by the security firm LURHQ, which said it was based on a similar scheme perpetrated 15 years ago.
Users whose computers are infected receive an e-mail stating that their files have been encrypted and will not be unlocked unless they transfer 300 dollars to a special account.
In poorly written English, the message said, “Do not try to search for a program what encrypted your information — it simply do not exists in your hard disk anymore. If you really care about documents and information in encrypted files, you can pay using electronic currency 300 dollars. Reporting to police about a case will not help you.”
LURHQ said it was not clear how the Trojan was spread, but experts said it could be through infected e-mails or from visiting certain websites.
“Infection reports are not widespread, so it is not believed this is a mass threat by any means,” LURHQ said.
However Sophos and LURHQ discovered the password — C:/Program Files/Microsoft Visual Studio/VC98 — a code disguised as a file.
“So there should be no need for anyone unfortunate enough to have suffered from this ransomware attack to have to pay the reward to the criminals behind it.”
LURHQ is a solid security research outfit, and they do great work for their customers and for the government by sharing information with other security firms when they detect a threat against the Internet. Hats off to those guys.
