Posted on 04/28/2006 12:40:23 PM PDT by Former Fetus
A new kind of malware circulating on the Internet freezes a computer and then asks for a ransom paid through the Western Union Holdings money transfer service.
A sample of the Trojan horse virus was sent to Sophos, a security vendor, said Graham Cluley, senior technology consultant. The malware, which Sophos named Troj/Ransom-A, is one of only a few viruses so far that have asked for a ransom in exchange for releasing control of a computer, Cluley said.
The new Trojan falls into a class of viruses described as "ransomware." The schemes had been seen in Russia, but the first one appeared in English just last month.
"It is a new kind of malware with a particularly nasty payload," Cluley said.
It's unclear how the Trojan is being spread, although Sophos is investigating, Cluley said. Viruses can be spread in several ways, including through spam or a so-called drive-by download that exploits a browser vulnerability when a user visits a malicious Web site.
PC Frozen, Files at Risk.
Once run, the Trojan freezes the computer, displaying a message saying files are being deleted every 30 minutes. It then gives instructions on how to send $10.99 via Western Union to free the computer.
Hitting the control, alt, and delete keys will not affect the bug, the virus writer warns. Sophos provides further details at its Web site.
The virus writer even offers tech support, Cluley said. If the method of unlocking the computer doesn't work after the money is sent, the virus writer promises to research the problem and includes an e-mail address.
Last month, a Trojan emerged that encrypts a user's documents and then leaves a file demanding $300 in exchange for the password to access the information. Victims were instructed to send money to one of 99 accounts run by e-gold, a company that runs a money transfer site.
The password, however, was contained on the infected computer. Sophos cracked it and publicly released it.
NOD32 just updated a few minutes ago and will put an end to ANY trojan BS.
I'm Lovin' It :)
using common sense and patching your box can help
LOL!! Knock yourself out, Sport. My files are on my server...and back up is run nightly..
Don't open any un-solicited emails, and stay away from porn and warez sites. An ounce of prevention is worth a pound of cure.
"Don't open any un-solicited emails, and stay away from porn and warez sites. "
"LOL!! Knock yourself out, Sport. My files are on my server...and back up is run nightly.."
My stuff is backed up too on an external hard drive that is off and disconnected most of the time. Common sense to back up your stuff if you care about it.
What a coincidence. There's another thread about a sports representative demanding a ransom from a Trojan.
what's warez?
Use Linux.
I've not had a single problem with this laptop since I made the switch.
Regards, Ivan
Boy, will you be sorry when I'm making big money helping a Nigerian prince get his inheritance into the country from the comfort of my refinanced home while sporting a bigger penis.
Yup - combined with hardening your system(s).
Pirated software - games and applications
Because so few use that software that even hackers don't want to bother with it.
What's a "warez" site?
I've had to fix my brother's computer multiple times because he doesn't update regularly...I had to tell him "One more time, then you're on your own."
Pirated software.
"Yup - combined with hardening your system(s)."
I run a router with firewall, ZoneAlarm firewall, Symantec anti-virus, A2 trojan scanner, Spybot or Ad-Aware, and run Windows updates regularly. Always ran Windows but I never used Outlook for email. I go to the Shields Up page now and then to do a scan.
Been heavy internet high bandwidth user for 10 years now.
Only a couple minor viruses ever got through and usually because I did something stupid. Nothing at all has caused me any grief in many years now using the above methods.
I haven't even taken advantage of all of those things yet and my e-mail is full of more women trying to meet me than I can keep up with. I think I'll take it slow and try to develop a long term relationship with one or two of them. Maybe I'll need protection from another kind of virus.
Is NOD32 as good as I've heard? Granted, you're only the 3rd person I've heard about using it, but all 3 of you seem to like it.
PC security-related links. All software is freeware/open source. Last Update: 03/04/2005

Anti-Virus:
- Antidote SuperLite: On-demand virus checker. Detects, doesn't clean. Huge virus database (excellent back-up scanner).
- AntiVir® Personal Edition
- AVG Anti-Virus
- BitDefender Free Edition v7: On-demand anti-virus program
- F-Prot Antivirus: The MS-DOS version is free
- McAfee Stinger: On-demand scanner. Detects & cleans a small number of virii/trojans (around 50). Fits on a 3.5" floppy.

Alternatives to MSIE, Outlook & Outlook Express:
- Mozilla.org: Mozilla Suite (browser, email & usenet client), Firefox browser, Thunderbird E-mail client
- Off By One: The world's smallest and fastest web browser
- Pegasus Mail: E-Mail client
- Popcorn E-Mail: E-Mail client
- Xnews: Usenet client

Anti-Adware/Spyware:
- Ad-Aware SE: On-demand scanner
- Spybot - Search and Destroy: Offers on-demand scanning and full-time protection

Firewall:
- Tiny Personal Firewall 2 (Last freeware version)
- ZoneAlarm Free Download

Technical Help:
- CastleCops Security Forums
- Cyber Tech Help Support Forum
- SpywareWarrior.com Forum
- VirtualDr Forums
- How To Ask Questions The Smart Way: This guide will teach you how to ask questions in a way that is likely to get you a satisfactory answer.

How-to and Tutorial:
- PCWorld: How to Install a Firewall
- Using Ad-Aware SE
- Using Spybot - Search and Destroy

Useful sites, articles, etc.:
- Firewall Test, Security Test and Security Scan
- Leak Test: Test your firewall against internal extrusions (leaks)
- Shields Up Firewall Test
- Spyware/Adware/Malware FAQ and Removal Guide
- SpywareWarrior.com: Waging the war against spyware
- U.S. Computer Emergency Readiness Team

Miscellaneous:
- Netscape Browser Archive
- OldVersion.com: Because newer is not always better
- Ping Plotter: Internet diagnostic tool
- TinyApps.Org
- WinPatrol: Combats adware, spyware, trojans, etc.
It's good, and very comprehensive.
Internet monitor, MS Office and Outlook file monitor, it even monitors your system file for trojans and it also has an on-demand scanner.
First day of installing it, it caught things that my two next-best pieces of anti-virus software, Spybot S&D and Ad-Aware, didn't catch.
"Boy, will you be sorry when I'm making big money helping a Nigerian prince get his inheritance into the country from the comfort of my refinanced home while sporting a bigger penis."
I have to tell ya' that I'm not particularly interested in your penis, bigger or not. It's just not my thing. As for the Nigerian prince, I have some bad news for you. He's already in touch with me, and the check is coming soon. He expresses his regret that he will not be able to complete the arrangements with you.
bump
bump.
I back up all my files weekly. If this were to get past my virus scans, spybots, and firewalls, then I would fdisk my system and rebuild it, making sure to scan the backups with the latest definitions I could find.
Here's a few more useful items:
Opera Free browser (tabbed browsing, etc.)
Javacoolsoftware.com
Home of Spywareblaster and Spywareguard (Both excellent, and both FREE).
"Use Linux.
I've not had a single problem with this laptop since I made the switch.
Regards, Ivan"
Good for you, Ivan! Which distro are you running and how long have you been running it?
I just made the switch to PCLOS v0.92 about 6 weeks ago. I absolutely love it and I'm really having fun learning Linux.
That's an impressive list. I'd add Kerio as a firewall. I use it. Very light on resources. Excellent!
As Ivan said, use Linux. Problem solved.
Done.
For those interested, they can find the last freeware version here (third item on the page):
Kerio Personal Firewall 2.1.5
Checking Linux firewall logs reveals all the probing being done by the trojaned windows zombies.
thanks for the listings!
Unless Western Union Holdings employees are complicit in the crime, I refuse to believe that this is possible...
Pirated Software.
That's when you unplug the computer and reboot on a knoppix CD and blast the old operating system away.
Anyone with a brain is also using a second physical disk that can be removed until you have a good OS running.
They should call it the "Undocumented Immigrant Worker Virus". Breaks in past my firewall border, uninvited, then demands things while wreaking destruction. Maybe Monday it will take a day off! :)~
Add Slimbrowser to it as well. SlimBrowser
It works REALLY well and is only a 4MB download.
The 2.1.5 version is very stable. Never had any trouble with it.
And, unlike the Win XP SP2 firewall, Kerio protects against outgoing packets.
"FYI, my son runs PCLOS v0.92 with absolutely no problems (he's 14). I run Fedora Core 5, same deal. As to the comment that no one targets Linux because so few people use it, exactly how is that supposed to be a bad thing? (Even if it were true.)"
That's cool, and I agree, I don't see it as a bad thing whatever reason hackers aren't targeting the OS. I'm still on a bit of a learning curve, but I'm loving the power of Linux.
Thanks
That will be helpful since I wanted to unload Norton from an older PC I have.
It's hard to tell from their site, but SlimBrowser appears to use the IE engine, and so would suffer from the same vulnerabilities.
I.E.: System Requirements: Win95+IE4 is the minimum requirement. Win98+IE5 is recommended.
You have to admire a feller who stands behind his product.
You're welcome.
What an interesting headline.
There's one other free anti-virus I don't have on the list:
I haven't added to the list because, although it's free, it requires registration, which must be renewed every 14 months.
However, it does seem to be easy on resources, and might be an acceptable full-time AV for people running older systems, and/or who cannot run AVG (which some people report doesn't like Win9x).