Every day millions of people go online to find information, to do business, to have a good time. Alas, some people go there to commit crimes as well. Though crimes have been committed via the Internet almost from its very launch, now cybercriminals have become dangerous as never before.
We've been warned lots of times about stealing data -- identity theft, phishing scams and pharming; we have at least heard of denial-of-service attacks and "zombie" computers, and now one more type of online attack has emerged: holding data for ransom. Extortionists remotely encrypt somebody's files and then demand money for the key to decode the information.
Experts say it is not yet a tendency; websites that used to infect users with the Trojan, have been put down. Besides, this program, Trojan.Pgpcoder, exploits a vulnerability in Microsoft Internet Explorer, which users should have patched as long ago as last July. However, there is no guarantee that such attacks won't appear in future, and all PCs will be patched at that time.
Websense, the San Diego-based Web security company, was the first to report such a case two weeks ago, when its customer fell victim to the attack.
Researchers at Symantec also have seen the malicious program used in the ransom attack. Oliver Friedrichs, a senior manager at Symantec Security Response said that attackers could use a website, email, or other means to distribute the Trojan.Pgpcoder and launch a widespread extortion campaign.
When the user visits a malicious website, his unpatched PC gets infected with a Trojan Horse (downloader-aag). This Trojan Horse downloader connects to another website, downloads the encoding application, and runs it.
The malicious encoding program searches for 15 common file types, including images and Microsoft Office files on the computer and encrypts them, and deletes the original files.
Then it creates a file with a ransom note called “Attention!!!”, where demands $200 for a tool needed to decrypt the files.
However, there is a weak spot in the attackers' scheme. It is possible to trace the money and to catch the extortionists when they try to collect the ransom. Maybe, it will prevent this kind of cybercrime from spreading.
Time will show whether we see this Trojan attack again or something similar appears and there will be a real need for a name for such type of Trojans -- how do you like "ransomware"? I have already seen this word used, but let's hope for the best.
Anyway, it is always wise of users to keep anti-virus and security software up-to-date and back up data. Just to be on the safe side.
Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various solutions for information security.
Learn more -- visit the company's website http://www.anti-keyloggers.com
Spyware and adware are becoming major problems for online surfers... Read More
A crowded marketplace can lead to unethical webmasters using underhand... Read More
You've seen it in the news - 40 million credit... Read More
Internet is the ocean of knowledge. In this ocean you... Read More
"Dear Bank of the West customer", the message begins. I've... Read More
A couple of years back, I paid my dues the... Read More
It's a sad statistic, but hundreds of unsuspecting kids are... Read More
The trash folder in my main inbox hit 4000 today.... Read More
Over the past few years as the internet has become... Read More
It seems that nowadays cybercriminals prefer cash to fun. That... Read More
If you use emails actively in your communication, you must... Read More
Do you really have to know how feeds work? Not... Read More
According to the Anti-Phishing Working Group (APWG) email scams also... Read More
High-tech private investigators are becoming the answer for many Internet... Read More
On December 8, 2004 Webroot, an award winning anti-spyware solution... Read More
When surfing the Internet you probably take your anonymity for... Read More
From the "Ask Booster" column in the June 17, 2005... Read More
If you are wondering how to fight spyware for safe... Read More
Be careful of sites that promise to send you "instant... Read More
Recently, my site and other internet accounts ( http://www.nabaza.com/sites.htm )... Read More
My first experience with a spyware BHO based infection was... Read More
NETWORK SECURITIES: IMPORTANCE OF SECURITIESComputers and securities must form a... Read More
What is Phishing? Phishing is a relatively newly coined term... Read More
Despite the current wave of identity theft and corporate security... Read More
Well, if that would have been said to me by... Read More
Have you seen the web site, www.freestuff.com? Or have you... Read More
Industrial Espionage. These methodologies are being used on a daily... Read More
If you use the internet, you have probably been infected... Read More
Ok, you've got a computer, and you get online. You... Read More
Spyware symptoms happen when your computer gets bogged down with... Read More
Everyone should eliminate spyware and adware from your hard drive... Read More
There has not been a time in the history of... Read More
It has been said that with the wealth of information,... Read More
Be careful of sites that promise to send you "instant... Read More
Computer security for most can be described in 2 words,... Read More
What is a Firewall?The term "firewall" illustrates a system that... Read More
There you are busily typing away on your PC or... Read More
Recently I have received email from my bank/credit Card Company,... Read More
Someone recently told me, "You would have to be a... Read More
Millions of people make purchases online, but many people are... Read More
What is computer security? Computer security is the process of... Read More
The most frustrating part of having Spyware on your computer... Read More
Spyware and adware are becoming major problems for online surfers... Read More
If you use the internet, you have probably been infected... Read More
If you constantly deal with bank or electronic accounts, it... Read More
From the "Ask Booster" column in the June 17, 2005... Read More
So you want to know who your kids are chatting... Read More
Spelt phishing, but pronounced as above, this despicable act is... Read More
Pharming is one of the latest online scams and rapidly... Read More
According to the Anti-Phishing Working Group (APWG) email scams also... Read More
The average computer is packed with hidden software that can... Read More
Can you protect your computer from all possible viruses and... Read More
What is Phishing? Phishing is a relatively newly coined term... Read More
The Internet is a vast International Network of people and... Read More
There has not been a time in the history of... Read More
A few nights ago I received an email from "2CO"... Read More
It seems that nowadays cybercriminals prefer cash to fun. That... Read More
Having a good Spyware eliminator on your computer is vital... Read More
Phishing is a relatively new form of online fraud that... Read More
IPv6, IntroductionThe high rate at wich the internet continualy evolves... Read More
High-tech private investigators are becoming the answer for many Internet... Read More
The Threat10 years ago you could probably have run no... Read More
When it comes to a secure website and passwords it... Read More
The words Corporate Security may conjure up images of a... Read More
Blaster, Welchia, Sobig, W32, Backdoor, Trojan, Melissa, Klez, Worm, Loveletter,... Read More
Watching how the traditional media covers the latest virus or... Read More
Internet Security |