Ransom Trojan Uses Cryptography for Malicious Purpose

Every day millions of people go online to find information, to do business, to have a good time. Alas, some people go there to commit crimes as well. Though crimes have been committed via the Internet almost from its very launch, now cybercriminals have become dangerous as never before.

We've been warned lots of times about stealing data -- identity theft, phishing scams and pharming; we have at least heard of denial-of-service attacks and "zombie" computers, and now one more type of online attack has emerged: holding data for ransom. Extortionists remotely encrypt somebody's files and then demand money for the key to decode the information.

Experts say it is not yet a tendency; websites that used to infect users with the Trojan, have been put down. Besides, this program, Trojan.Pgpcoder, exploits a vulnerability in Microsoft Internet Explorer, which users should have patched as long ago as last July. However, there is no guarantee that such attacks won't appear in future, and all PCs will be patched at that time.

Websense, the San Diego-based Web security company, was the first to report such a case two weeks ago, when its customer fell victim to the attack.

Researchers at Symantec also have seen the malicious program used in the ransom attack. Oliver Friedrichs, a senior manager at Symantec Security Response said that attackers could use a website, email, or other means to distribute the Trojan.Pgpcoder and launch a widespread extortion campaign.

When the user visits a malicious website, his unpatched PC gets infected with a Trojan Horse (downloader-aag). This Trojan Horse downloader connects to another website, downloads the encoding application, and runs it.

The malicious encoding program searches for 15 common file types, including images and Microsoft Office files on the computer and encrypts them, and deletes the original files.

Then it creates a file with a ransom note called “Attention!!!”, where demands $200 for a tool needed to decrypt the files.

However, there is a weak spot in the attackers' scheme. It is possible to trace the money and to catch the extortionists when they try to collect the ransom. Maybe, it will prevent this kind of cybercrime from spreading.

Time will show whether we see this Trojan attack again or something similar appears and there will be a real need for a name for such type of Trojans -- how do you like "ransomware"? I have already seen this word used, but let's hope for the best.

Anyway, it is always wise of users to keep anti-virus and security software up-to-date and back up data. Just to be on the safe side.

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various solutions for information security.

Learn more -- visit the company's website http://www.anti-keyloggers.com

In The News:


pen paper and inkwell


cat break through


Identity Theft - Dont Blame The Internet

Identity theft ? also known as ID theft, identity fraud... Read More

Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking

Airport Menace: The Wireless Peeping Tom As a network... Read More

Preventing Online Identity Theft

Identity theft is one of the most common criminal acts... Read More

Hacking the Body Via PDA Wireless Device

First I would like to stress I am condoning the... Read More

Pharming - Another New Scam

Pharming is one of the latest online scams and rapidly... Read More

Can I Guess Your Password?

We all know that it's dangerous to use the same... Read More

Passwords or Pass Phrase? Protecting your Intellectual Property

Much has been said on the theory of password protection... Read More

How to Prevent Online Identity Theft

Identity theft rates one of the fastest growing crimes in... Read More

Web Conferencing Readers - So What Do We Do with the PAYPAL SPAMMER

From: "Paypal Security" Subject: New Security Requirements Date: Tue, 26... Read More

Securing Your Accounts With Well-Crafted Passwords

In the past I've never really paid much attention to... Read More

How Did This Happen to Me? Top 10 Ways to Get Spyware or Viruses on Your Computer

If you use the internet, you have probably been infected... Read More

How to Fight Spyware

If you are wondering how to fight spyware for safe... Read More

How Can Someone Get Private Information From My Computer?

From the "Ask Booster" column in the June 17, 2005... Read More

Lottery Scam, What It is and how to Avoid It?

Internet scams and frauds are on the rise! The quantity... Read More

Top Ten Spyware and Adware Threats Identified

On December 8, 2004 Webroot, an award winning anti-spyware solution... Read More

Desktop Security Software Risks - Part 1

This is the second in a series of articles highlighting... Read More

How to Thwart the Barbarian Spyware!

Today,on most internet user's computers, we have the ability to... Read More

All About Computer Viruses

Your computer is as slow as molasses. Your mouse freezes... Read More

What is Hacking? Are You a Hacker?

WHAT IS HACKING?Hacking, sometimes known as "computer crime" has only... Read More

The Truth About Hiding Your Tracks on the Internet

Ok, ok, I know you've seen them. All those pop... Read More

Be Aware of Phishing Scams!

If you use emails actively in your communication, you must... Read More

Make Money Online - Defend Against The Latest Scam

First, let's do a little recap'. As I stated in... Read More

Spyware Symptoms

Spyware symptoms happen when your computer gets bogged down with... Read More

File Sharing - What You Need to Know!

File sharing on p2p is soaring despite the music and... Read More

Dont Miss Information Because of Misinformation

It has been said that with the wealth of information,... Read More

With the Rise of Internet Crimes, Users are Turning to High-Tech ?PI?s? for Solutions

High-tech private investigators are becoming the answer for many Internet... Read More

Why Malicious Programs Spread So Quickly?

It seems that nowadays cybercriminals prefer cash to fun. That... Read More

Phishing: An Interesting Twist On A Common Scam

After Two Security Assessments I Must Be Secure, Right? ... Read More

A Personal Experience with Identity Theft

Some months ago, before there was much publicity regarding phishing... Read More

Steganography ? The Art Of Deception & Concealment

The Message Must Get Through The year is 300A.D.,... Read More

Consumers: Shop Online and Get Information Safely

Do you really have to know how feeds work? Not... Read More

Sarbanes-Oxley: A Cross-Industry Email Compliance Challenge

Is your enterprise following the rules?The bulk of financial information... Read More

Clown Internet Scam - An Internet Scam is Currently Targeting Clowns and Other Entertainers

I am the victim of an internet scam. It is... Read More