New ransomware trojan freezes PCs

By

A new type of ransomware, which freezes an infected PC and then demands affected users send the hacker money via Western Union, has emerged, according to security experts.

The trojan, called Troj/Ransom-A by Sophos, creates a number of new .exe files on a Windows operating system, then tells users that deleted files are saved in a hidden directory and will be replaced during uninstallation, according to Sophos.


"(1) files are being deleted every 30 minutes," the trojan tells affected users.

Sophos was unsure how the trojan was being spread, according to published reports.

The trojan displays pornographic pictures while telling users that malware will continue to multiply - deleting critical files from numerous programs - "until your computer is fried to a pulp."

To receive a fix, PC users are told to go to Western Union and fill out a Swiftpay form for $10.99 to the hacker. The receipt will contain a CIDN number that will begin the uninstallation process when entered into the affected PC, according to Sophos.

The hacker even offers to help users with faulty uninstall software, asking that users send problems to a Yahoo email address. 

A recent report by Kaspersky Lab said criminal gangs moved away from the "stealth use" of infected computers to stealing personal information for blackmail during the first three months of 2006.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?