Computer Users Warned against New Ransomware Attack
Security researchers at Computer Associates (CA) have recently discovered a new ransomware attack wherein malicious writers have given a twist to their ransomware style malware.
Ransomware, scareware and rogueware use the same technique of bullying users to purchase software that contaminates their system with encrypted files in order to take control of entire system. Moreover, the cyber criminals operating this scam block users from accessing Internet.
Zarestel Ferrer, CA's Security Advisor Research, said that CA had detected the malware as 'Win32/RansomSMS.AH' which usually came with a software known as uFast Download Manager, as reported by community on November 30, 2009.
Ferrer added that once the machine infected by the malware, a message popped up on screen in Russian language. The rogue translation of message into English read - Internet access had been suspended in view of breeching the license agreement schedules of uFast Download Manager. Then, users were asked that they could activate their copy and received registration code by sending a SMS at the details given below, said Ferrer.
Thereafter, users receive an activation message (code number) in response to the SMS sent by them earlier.
CA has also disclosed that its investigation of the abovementioned attack lead to the conclusion that no uninstaller program is capable of removing the ransomware from desktop or similar installed components.
As a result, such kinds of activities are violation of laws and the installed component should be viewed as the potential unwanted program or malware.
Citing the new ransomware attack, CA has recommended users that they should take precautionary measures to avoid cyber security incidents and update their security program on a regular basis.
This new ploy of deceiving computer users is a variant of previous ransomware attacks in which hackers encrypted and blocked access to a particular file. A similar incident was reported in January 2008 when Windows machines were locked up and asked for ransom through SMS to free the machines.
Finally, Fortinet (another security company) has predicted more ransomware attacks because of higher public awareness, preceding scareware attacks have become less effective and therefore, cyber criminals will target people with new ransomware attacks.
Related article: Computer Virus Writers Adopt New Strategy
» SPAMfighter News - 12/11/2009
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!