SMS Ransomware Back to Trick Internet Users

Dancho Danchev, security specialist and Independent Security Consultant, revealed in his blog posted on blogspot.com on May 27, 2009 that it has become clear that the "ransomware" is making a return.

Some of the characteristics of the new ransomware, as noted by Danchev, are that it blocks the desktop entirely; supports Windows 98/Vista; copies itself to the system folder, thereby making it extremely tough for the user to detect the malicious file; blocks all windows including Task Manager; and locks system key combinations trying to remove it.

Moreover, as far as the working of the ransomware is concerned, security experts say that the user may see an alert message, claiming that an anti-piracy initiative has been launched by Microsoft, and to receive unlock code, they are asked to sent a SMS of $1 to a particular phone number.

Danchev warns that the growing localization on the demand services providing translations for spam, malware and phishing campaigns into various popular international languages has raised the fear that SMS ransomware is soon going to target the users who speak English besides the ones who speak Russian, as reported by SOFTPEDIA on May 27, 2009.

Security experts view ransomware as another step in the scareware's (or rogueware) evolution. Scareware is the malevolent software that tricks users by frightening them to acquire fake licenses; generally asserting that their systems have got infected.

Consequently, due to the phony warning issued by malware distributors, a large number of people gave up their personal and financial credentials. In fact, numerous people have been tricked in this way in the last few months. The ransomware market is being growing in last few years, particularly since the 2009's beginning, as per the security experts.

Besides, in March 2009 and April 2009, scareware joined the ransomware business in the form of FakeAlert-CO or System Security and File Fix Professional 2009. Two other SMS ransomware variants Trj/SMSlock.A as well as its modified version also added to the lot. These aforementioned scareware successfully defraud numerous people, who clicked on fake links and as a result, ended up in downloading virus onto their computer systems.

Related article: SANS Highlights Twenty Top Hacker Targets

» SPAMfighter News - 6/2/2009