Skip to main content

New ransomware on the spread

Article Reads:8755

Jack Writes:A new computer malware is spreading and dangerously too. The malware, called Troj/Ransom-A, once run on a computer, freezes the system and threatens to delete files every 30 minutes until an amount of $10.99 is sent to a particular account in the Western Union Holdings money transfer service.

Security experts said the new Trojan belonged to the emerging "ransomware" class of viruses. It has been prevalent in Russia, but recently one such attack was reported in England, the experts said.

The virus also leaves an e-mail address for the affected person to get in touch with in case the infected computer does not function properly after the ransom is paid.

U.K.-based computer security firm Sophos said the trojan puts up a message after freezing the computer about the ransom to be paid and about the deletion of files. The message claims that anti-virus software is not effective against the trojan, that deleted files cannot be retrieved, that the Ctrl-Alt-Del function will not release the computer and that the malware runs every time Windows boots.

Sophos said ransomware is rare, but this is the second such trojan in the last five weeks. Earlier in March, two similar trojans, Cryzip and Zippo.a, had sought payment of $300 in return for a password to free the users' files from a maliciously created zip file.

Security experts cautioned that Troj/Ransom-A is spreading as a disguised file on peer-to-peer networks and may also land on systems as spam. Once the file is activated, it displays pornographic images with a message, "Listen up muthaf*cka. is this computer valuable. it better not be. is this a business computer. it better not be. do you keep important company records or files on this computer. you'd better hope not. because there are files scattered all over it tucked away in invisible hidden folders undetectable by antivirus software the only way to remove them and this message is by a CIDN number."

The computer user can obtain the CIDN number after paying the ransom to the Western Union account.

Senior technology consultant at Sophos Graham Cluley said the trojan does not appear to be "smartest tool in the box" and that he had passed on the details to the police, who are looking into it.

Cluley is concerned that this could be a new trend to extort money.

Sophos said computer users connected to the net should make backups of their data and run updated security software. People should be vary of opening e-mail attachments.


Your IP address:

44.222.169.53

FREE Hyper-V & VMware Backup

FREE Hyper-V & VMware Backup

Wi-Fi Key Generator

Generate/Crack any
WEP, WPA, WPA2 Key!

Network and Server Monitoring

Network and Server Monitoring

Follow Firewall.cx

Cisco Password Crack

Decrypt Cisco Type-7 Passwords on the fly!

Decrypt Now!

Bandwidth Monitor

Bandwidth Monitor

Free PatchManager

Free PatchManager

EventLog Analyzer

ManageEngine Eventlog Analyzer

Firewall Analyzer

zoho firewall analyzer