The trojan, called Troj/Ransom-A by Sophos, creates a number of new .exe files on a Windows operating system, then tells users that deleted files are saved in a hidden directory and will be replaced during uninstallation, according to Sophos.
"(1) files are being deleted every 30 minutes," the trojan tells affected users.
Sophos was unsure how the trojan was being spread, according to published reports.
The trojan displays pornographic pictures while telling users that malware will continue to multiply - deleting critical files from numerous programs - "until your computer is fried to a pulp."
To receive a fix, PC users are told to go to Western Union and fill out a Swiftpay form for $10.99 to the hacker. The receipt will contain a CIDN number that will begin the uninstallation process when entered into the affected PC, according to Sophos.
The hacker even offers to help users with faulty uninstall software, asking that users send problems to a Yahoo email address.
A recent report by Kaspersky Lab said criminal gangs moved away from the "stealth use" of infected computers to stealing personal information for blackmail during the first three months of 2006.
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
