PandaLabs detects new ransomware, Trj/SMSlock.A
According to PandaLabs the security provider, the most recent malicious program to work as ransomware is Trj/SMSlock.A.
Says the company that the Trojan chiefly aims to get computer users to pay a large sum of money to have their system completely operative.
Accordingly, once the malware is installed on the end-user's computer, it displays an alert on the PC screen that says that attempts to reinstall the system could lead to the deletion of vital data and thereby considerable computer damage.
Meanwhile, experts on computer security stated SMSlock.A doesn't proliferate automatically through means of its own, rather it requires the targeted user to intervene to make its way into the affected PC.
States PandaLabs that it is not difficult to identify SMSlock.A for, the message it shows is in Russian language that notifies the user that his PC would become inoperative until he dispatches an SMS at 3649 along with a text randomly written.
Thus it is clear that the Trojan is especially created to target users knowing Russian language and that it is chiefly crafted to yield financial gains to its controller.
Reportedly, the malware's threat level is rated as medium and it affects Windows XP/2003/2000/ ME/ NT/ 3.X/ 98/95.
Says Xabier Francisco, research expert and blogger at PandaLabs that until the emergence of SMSlock.A PandaLabs had observed that ransomware's functions pertained to encrypting specific files or documents on the PC or deleting the e-mails and contact addresses from the user's mailbox, to mention some. But with Troj.SMSlock.com, it completely blocks the user's ability to access the computer, leaving the system totally inoperable. PandaLabs Blog reported this on April 20, 2009.
In the meantime, cyber-criminals continue to search better techniques to spread their malicious programs, especially ransomware, since selling such damaging software along with trading illegally acquired data yield them revenue.
As a matter of fact, with malicious software increasing in number everywhere, F-Secure the security vendor just reported another new sample of ransomware, Trojan.Ransomlock during the 3rd week of April 2009. Also, said the security experts that the business of trading ransomware had definitely been expanding over the recent past.
Related article: PandaLabs Report Discusses Movie Trojan and Other Worms
» SPAMfighter News - 28-04-2009