Symantec Discovers Browser Trojan Infecting Computers
Symantec Security Response Team have recently discovered a new attack vector - Trojan.Ransompage - which is actually an upgradation of ransom threats sent after deploying bogus antivirus applications in order to force people to send premium text messages.
Security researchers have disclosed that ones the computer is infected by the Trojan, victim's browser persistently shows an advertisement on every web page he goes. Moreover, the advertisement remains on the page even when the victim scrolls down.
The text of advertisement is written in the Russian language and gives instructions to the victim that he should send a premium text message at the number given in it. After sending the message, the victim will receive a code to delete the advertisement.
As per the security researchers, the logic behind deploying such a nasty Trojan on a computer is to frustrate user. When a user fails to find appropriate solution for removing the advertisement, he deliberately sends an SMS to the premium rate telephone number from where cybercriminals make easy money.
The Trojan has the potential to transmit important personal details to a remote location. Windows 98, Windows 2000, Windows 95, Windows Server 2003, Windows XP, Windows NT, Windows Me and Windows Vista are the operating systems affected by the Trojan.
Besides, Symantec's security analysts have given the rating of 'Low' to risk emanating from the Trojan.
The security vendor has warned people that switching over to another web browser is not a right option because criminals are cleverly targeting all browsers, including Opera, Firefox and Internet Explorer.
Hence, the best way to protect from the threat is to maintain an updated operating system and browser along with integrating fixes released for both browser and operating system. firewall and antivirus application should be updated with the latest definition sets.
Apart from this, users should use a password policy as complex passwords are difficult to crack on the compromised computers. Adoption of this policy has its own benefits like limiting damage if the computers was corrupted, said security experts.
Ransomware is not a new concept used by cyber criminals, In July 2008, a widely renowned Gpcode 'ransomware' virus infected a large number of computers.
» SPAMfighter News - 11-08-2009