Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

#And now: ransomware

1 view
Skip to first unread message

1646 Dead

unread,
May 25, 2005, 9:09:46 AM5/25/05
to

<http://www.iol.co.za/index.php?set_id=1&click_id=115&art_id=qw1116918720581B225>

Now hackers can hold your files hostage...

May 24 2005 at 10:09AM

By Ted Bridis

Washington - Computer users already anxious about viruses and identity
theft have a new reason to worry: hackers have found a way to lock up
the electronic documents on your computer and then demand $200 (about
R1 200) over the Internet to get them back.

Security researchers at the San Diego-based Websense uncovered the
unusual extortion plot when a corporate customer they would not
identify fell victim to the infection, which encrypted files that
included documents, photographs and spreadsheets.

A ransom note left behind included an e-mail address, and the attacker
using the address later demanded $200 for the digital keys to unlock
the files.

"This is equivalent to someone coming into your home, putting your
valuables in a safe and not telling you the combination," said Oliver
Friedrichs, a security manager for Symantec Corporation.

The FBI said the scheme, which appears isolated, was unlike other
Internet extortion crimes.

Leading security and anti-virus firms this week were updating
protective software for companies and consumers to guard against this
type of attack, which experts dubbed "ransom-ware".

"This seems fully malicious," said Joe Stewart, a researcher at
Chicago-based Lurqh who studied the attack software. Stewart managed
to unlock the infected computer files without paying the extortion,
but he worries that improved versions might be more difficult to
overcome. Internet attacks commonly become more effective as they
evolve over time as hackers learn to avoid the mistakes of earlier
infections.

"You would have to pay the guy, or law enforcement would have to get
his key to unencrypt the files," Stewart said.

The latest danger adds to the risks facing beleaguered Internet users,
who must increasingly deal with categories of threats that include
spy-ware, viruses, worms, phishing email fraud and denial of service
attacks.

In the recent case, computer users could be infected by viewing a
vandalised website with vulnerable Internet browser software. The
infection locked up at least 15 types of data files and left behind a
note with instructions to send e-mail to a particular address to
purchase unlocking keys. In an email reply, the hacker demanded $200
be wired to an Internet banking account. "I send program to your
email," the hacker wrote.

FBI spokesperson Paul Bresson said more familiar Internet extortion
schemes involve hackers demanding tens of thousands of dollars and
threatening to attack commercial websites, interfering with sales or
stealing customer data.

Experts said there were no widespread reports the new threat was
spreading, and the website was already shut down where the infection
originally spread. They also said the hacker's demand for payment
might be his weakness, since bank transactions can be traced easily.

"The problem is getting away with it - you've got to send the money
somewhere," Stewart said. "If it involves some sort of monetary
transaction, it's far easier to trace than an email account." -
Sapa-AP
--
"As democracy is perfected, the office of president
represents, more and more closely, the inner soul
of the people. On some great and glorious day the
plain folks of the land will reach their heart's
desire at last and the White House will be adorned
by a downright moron." --- H.L. Mencken (1880 - 1956)

Not dead, in jail, or a slave? Thank a liberal!
Pay your taxes so the rich don't have to.

http://www.zeppscommentaries.com
For news feed, http://yahoogroups/subscribe/zepps_news
For essays (please contribute!)
http:yahoogroups/subscribe/zepps_essays


"I have not ordered the use of force. I hope
the use of force will not become necessary.
Hopefully this can be done peacefully.
Hopefully we can do this without any
military action."
--Putsch, three months after telling Blair he planned
to attack as soon as he had the phony intelligence
and propaganda all in place.

Not dead, in jail, or a slave? Thank a liberal!
Pay your taxes so the rich don't have to.
For the finest in liberal/leftist commentary,
http://www.zeppscommentaries.com
For news feed (free, 10-20 articles a day)
http://groups.yahoo.com/subscribe/zepps_news
For essays (donations accepted, 2 articles/week)
http://groups.yahoo.com/subscribe/zepps_essays

a.a. #2211 -- Bryan Zepp Jamieson

0 new messages