Slashdot Mirror

← Back to Stories (view on slashdot.org)

Virus Hold Computer Files 'Hostage' for $200

Posted by CmdrTaco on from the it'd-be-funnier-if-it-wasn't-scary dept.

dwayner79 sent in a story about a new virus making the rounds- this one is unique because it locks your files and then demands a $200 ransom to get them back. It seems to me that this might leave some sort of tracable money trail. They don't have much information on any particular transmission mechanism, they just talk about web pages giving it up.

4 of 488 comments (clear)

  1. Must be a real moron by Kosi · · Score: 5, Informative

    because his "blackmail-letter" is a file called attention!!!.txt, containing this:

    Some files are coded.
    To buy decoder mail: n781567@yahoo.com
    with subject: PGPcoder 000000000032

  2. Re:It won't get a penny from me... by HadenT · · Score: 5, Informative

    Why not:
    generate random key, encrypt data with it (symmetric),
    encrypt that key with public one (stored in virus itself), destroy random key, give victim encrypted key.
    Victim sends encrypted key to author, he decrypts it using his private key and sends it back.

  3. Re:I call hoax by t123 · · Score: 5, Informative
    try the websense website with more detailed information.
    The original infection occurs when the user visits a malicious website that exploits a previous vulnerability in Microsoft Internet Explorer. This vulnerability allows applications to run without user intervention. The malicious website uses the Windows help subsystem and a CHM file to download and run a Trojan Horse (download-aag). The downloader then connects, via HTTP, to another malicious website. This website hosts the application that encodes files on the user's local hard disk and on any mapped drives on the machine. The malicious code also drops a message onto the system with instructions on how to buy the tool needed to decode the files. This message includes the email address of a third party to contact for instructions, and the user is directed to deposit money into an online E-Gold account.
  4. Re:Wow by httptech · · Score: 5, Informative

    Yes, funny funny. In context, though, you have to know the question the reporter asked me, which was, "Do you think this software was a test, or do you think it was malicious?"

    -Joe

    --
    Joe Stewart, GCIH
    Senior Security Researcher
    LURHQ http://www.lurhq.com/