Virus Hold Computer Files 'Hostage' for $200
dwayner79 sent in a story about a new virus making the rounds- this one is unique because it locks your files and then demands a $200 ransom to get them back. It seems to me that this might leave some sort of tracable money trail. They don't have much information on any particular transmission mechanism, they just talk about web pages giving it up.
If it were real, we would have heard it from Symantec or McAffee long before a third-world news website.
tasks(723) drafts(105) languages(484) examples(29106)
Seriously though, the article does not show me any reason that the virus writer can be trusted on his word alone. How would you know that he really will send the key?
I can see three possible ways this is done: the files could be encrypted with a random key which is sent back to the author - in this case I guess the key could be intercepted on its way out of your computer, but you'd have to anticipate being infected. Alternatively, the virus might always use the same key, in which case one person needs to buy/brute force it and everyone's sorted. Finally, it might use a random key which the writer has no way of knowing - secure, but he'll take the money and run because he doesn't know the key.
In any of those three scenarios I'd think it makes sense to try to avoid giving him any money. Either that or I've missed something.
back in the msdos days (aka: the good old days) there was a virus that locked your pc, did something nasty to your mbr (or fat - i forgot) and you had to play a game (or two .. or usually aLOT) on the slots machine. You would get your system back when you got the jackpot.
There was even at least one that could wipe the BIOS eproms, leaving the computer completely inoperable and difficult to repair if not outright irreparable.
Will Microsoft start factoring these little occurances into the TCO of Windows?!
As for tracing the e-mail well that wont work either: again people do this all the time on e-bay rip offs and none of those get traced.
besides which the attacker might very well be logging your keystrokes and simply watching for you to send any text continaing a fake address he gave you, then sending this real text somewhere else. Fat chance you would notice this in time to do anything about it. He just picks off the western union number, then pays some street urchin to go collect for him.
or you could rig this as sort of a two part thing. One is to have the virus encrypt the files. then "coincidentally" this spam e-mail comes offer to sell you a universal decoder program for the low price of 49.99$. THe company could be legitimate in the same sense that McAffee is legit. They just sell decryption tools. Sure they might be suspect but some company IS going to crack this and when they do they are going to SELL the decoder. The evil-doer merely has to be one of many companies offer this product for sale. It would be in his interest to leak the decoding method just so those decoy compamies would appear.
Some drink at the fountain of knowledge. Others just gargle.
Not a really new idea, it's inside Andrew Tanenbaum's "Modern Operating Systems"!
The virus programmer has to have read the book.
42.