Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Trojan Left Users with No Choice, Asks for “Windows or Money”

The researchers of Security firm, Dr. Web, inform that they lately discovered a Trojan that locks users out of their Windows PC until they pay a rescue sum. This Trojan.Winlock is only found spreading in the Russian World Wide Web.

Purportedly, the Trojan is circulated as a sham video codec. It enters into a system through an installation and then maneuver the computer so that on start up the user meet a Russian dialogue giving commands for unlocking the system. This entails sending a numeric string to a vastly priced SMS number for acquiring the release code.

It also cautions that any endeavor to reinstall the system can lead to slaughter of vital details and system damage. The security firm claims that the Trojan was found on April 8, 2009.

Moreover, the security researchers also declare that Trojan.Winlock does not maneuver files but restrict users from the applications and desktop access. A well-informed user can insert a boot CD to evade the problem, use the files and eradicate the Trojan, although anyone less techno savvy can end-up paying for this.

On the FireEye blog, Atif Mushtaq, from FireEye Malware Intelligence, informs that a number is vigorously produced by the virus itself and is may create the ensuing unlock code, as per the news by SecurityProNews on April 21, 2009.

In the course of surveillance of virus's activities, Atif claims the virus boots at the same time a user logs in and correspond with a fake domain: ogggooogoggoog.com, which is registered in Russia.

Apparently, Symantec has reverse-engineered related trojans and produced an unlock tool. Conversely, Atif says that the tool will not work on this fresh version.

Security experts of Dr. Web exhort all users to renounce sending paid messages to virus creators. As per them, using advanced anti-virus software can secure users from the Trojan.

In the meantime, security firm PandaLabs has also noted that it discovered a Trojan called Trj/SMSlock.A which demands money, in the similar manner as that asked by the aforementioned Trojan, to sanitize its infection.

Related article: Trojans to Target VoIP in 2006

» SPAMfighter News - 28-04-2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page