Slashdot Mirror
Virus Hold Computer Files 'Hostage' for $200
dwayner79 sent in a story about a new virus making the rounds- this one is unique because it locks your files and then demands a $200 ransom to get them back. It seems to me that this might leave some sort of tracable money trail. They don't have much information on any particular transmission mechanism, they just talk about web pages giving it up.
...Until I see a photograph of my files with today's paper.
Pulp Audio Weekly - Geek News and Reviews
Assuming this virus is telling the truth (and I highly highly highly doubt it is), doesn't that mean that there's a simple command you can send to it to fix the problem? What's to prevent anti-virus companies from figuring this out and providing a quick fix?
-dave
http://millionnumbers.com/ - own the number of your dreams
What the hell took so long for this to happen? There are thousands of viruses all around and most of them are so benign. They just eat system resources, send spam, show ads and other bs. It took way too long for someone to make a virus that actually compromises data. I hope soon someone makes one that takes important data files and uploads them to a web server for public view. And another one that overwrites the hard drives 3 or 4 times to prevent data recovery.
Maybe when this happens people will actually pay more attention to computer security, instead of just putting up with the inconvenience.
The GeekNights podcast is going strong. Listen!
If it were real, we would have heard it from Symantec or McAffee long before a third-world news website.
tasks(723) drafts(105) languages(484) examples(29106)
Do they accept PayPal?
"Anything tastes good if you deep fry it."
yet another reason to do regular backups, so you are never solely dependent on your local copies.
so I figure the virus author could deduct the money from my account, himself.
because his "blackmail-letter" is a file called attention!!!.txt, containing this:
Some files are coded.
To buy decoder mail: n781567@yahoo.com
with subject: PGPcoder 000000000032
SOmeone wrote: "this one is unique because it locks your files and then demands a $200 ransom to get them back." Unique? sounds like a description of anti-virus software to me.
Not that I particularly apprecaite idiot crackers making my work harder, but you gotta figure they'll be cringing at this rather blunt and clumsy attempt at extortion{sp}.
I mean, is it really that much harder to make a virus that silently installs itself and listens for key strokes, then sends those back to you through a few cracked proxies? And there you go: account numbers and passwords.
Idiots. If they do try to collect on this, they'll be caught, we'll find it's a couple of dumb as fuck kids who thought it'd be cool to "have a couple hundred bucks".
And while I'm on that, 200 bucks? If you are really trying to get money, why not charge 20 bucks? For 200 bucks, most people are likely to seek outside help. For 20 bucks, people are more likely to just fork it over. I'd bet you'd have a greater ROI with the lower charge.
Mod me down with all of your hatred and your journey towards the dark side will be complete!
Gee, I wonder how he figured that out....
that Microsoft is adding to the next version of Office?
Lacking <sarcasm> tags,
This has been out for years, it's called Windows XP Activation.
The Technomancer
"Men of lofty genius when they are doing the least work are most active."-
What the programmer needs to do is to buy a speed boat and have the victim drop the bag from a bridge into the boat and then flee and stage his own death with an explosion.
I've seen it in the movies.
The trick is to do that without spending more than $200.
The Internet is full. Go Away!!!
If you dont send the money with in two weeks they start sending the files back, bit by bit.
In the not too distant future, next Sunday A.D.
I've written about this before, but I'm *so* waiting for a virus to do one or more of the following:
* alter scheduled appointments in outlook/exchange
* alter contact information in outlook/exchange
* alter information in ms word and ms excel documents
The key to all this is to do it in small doses - change a 3 to a 4, alter appointments by 1 hour, etc, introduce a few wrong spellings into ms word documents, etc.
People have this view that viruses are horribly destructive, and it decreases the estimation of Windows in some. Others stick by Windows, content to use anti-virus stuff because a virus just generally uses up resources indiscriminately or 'steals' data.
If viruses started attacking the integrity of core MS Office products, not 'just' the operating system itself, more damage would be done to MS' hold on corporate america than any attack on the 'operating system' level by viruses.
Put more simply, most people really don't understand the ins and outs of operating systems, nor the potential damage than can be done to them. Everyone can understand the damage that could be done by having your spreadsheets altered without your knowledge.
Well, at least I *think* everyone could understand that.
creation science book
This is what happened when I installed windows 98... it crashed and a dialog box appeared and demanded that I upgrade to windows XP in order to save my files from digital heaven.
No, that's pretty much the original meaning.
My Photography - http://ian-x.com
The Deathlings (comic) - http://thedeathlings.com
back in the msdos days (aka: the good old days) there was a virus that locked your pc, did something nasty to your mbr (or fat - i forgot) and you had to play a game (or two .. or usually aLOT) on the slots machine. You would get your system back when you got the jackpot.
I'm sorry, but we don't negotiate with terrorists. The files knew the danger when they took the job.
C:\>format c:
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
As for tracing the e-mail well that wont work either: again people do this all the time on e-bay rip offs and none of those get traced.
besides which the attacker might very well be logging your keystrokes and simply watching for you to send any text continaing a fake address he gave you, then sending this real text somewhere else. Fat chance you would notice this in time to do anything about it. He just picks off the western union number, then pays some street urchin to go collect for him.
or you could rig this as sort of a two part thing. One is to have the virus encrypt the files. then "coincidentally" this spam e-mail comes offer to sell you a universal decoder program for the low price of 49.99$. THe company could be legitimate in the same sense that McAffee is legit. They just sell decryption tools. Sure they might be suspect but some company IS going to crack this and when they do they are going to SELL the decoder. The evil-doer merely has to be one of many companies offer this product for sale. It would be in his interest to leak the decoding method just so those decoy compamies would appear.
Some drink at the fountain of knowledge. Others just gargle.
If you have just two files its still extremely hard... you need something like 2^23 files to do it in a reasonable amount of time (assuming RSA+IDEA).
This post is incorrect. Probably a semi-subtle troll rather than an honest error.
Neither RSA nor IDEA is vulnerable to a known-plaintext attack. In fact, any cipher that is vulnerable to such an attack is considered completely insecure, especially if only 2^23 "files" are needed.
If you get to choose the contents of one of the files its only about 2^17.
Neither RSA nor IDEA is vulnerable to a chosen-plaintext attack. There were some chosen-plaintext attacks against RSA a few years back (mid 90s), but proper padding eliminates them. And far more than 2^17 trials were required for typical key sizes. Again, no cipher that was vulnerable to such an attack would be considered secure.
Obviosly, if the keys are larger, it will take exponentially longer.
Larger than what? Are you assuming extremely small key sizes in order to achieve the numbers above? Actually, you don't get to pick the size of an IDEA key, because IDEA keys are 128 bits. Though you can arbitrarily fix key bits to produce a smaller effective key, there's no reason why the virus writer would want to do that.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Oh, wait a minute, never mind...
I forgot we were talking about viruses.
Twoeasy steps:
(1) Get this virus into the DMCA-supporters computers.
(2) When they are screaming that all their data is encrypted, kindly inform them that you could create a crack for it and get all their data back, but unfortunately you would run afoul of the DMCA reverse-engineering laws and therefore cannot help them.
Yes. Irony is *NOT* dead!!
If a pion (n-) collides with a proton in the woods & noone is there to hear it, does lamdba decay into the source pa