Fresh Ransom Malware Attacking Windows Servers Spotted
Researchers from the security company Emsisoft state that they have just detected a fresh malware strain that specifically attacks Windows servers. Many organizations, as well as individuals, discovered that the malware had locked their servers while claiming to have been sent by ACCDFISA, i.e. the "Anti Cyber Crime Department of Federal Internet Security Agency."
But according to Emsisoft, no institution like the ACCDFISA exists, and even if it did, it certainly would not demand money from the server's owner, requiring payment via MoneyPak or PaySafeCard. Apparently, the targeted PC servers are falling victim to the fresh malware family, which is presently circulating in the wild.
The malicious program supposedly from ACCDFISA belongs to the "ransomware" category. This form of malware typically holds the target computer and its contents captive so that it can force the owner to pay before it returns control of the system. Additionally, a peculiarity of the ACCDFISA malware is the unorthodox manner in which computers become infected, or the different ways in which it uses intermediate tools to carry out its tasks.
When loaded, the ACCDFISA ransomware configures itself to become active automatically whenever the computer starts up, and starts 2 Windows services. It then scans the computer's hard drive for data files of various types, including .doc, .txt, .dat, .xml, .xls, .pst and .docx files, and uses the Roshal Archive (RAR) software to create a password-protected archive holding each original file, Emsisoft elaborates.
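The archiving behaviour described above lends itself to a simple detection over process-creation logs. The following is an added example, not code from Emsisoft or from the original article: it flags hosts where RAR is repeatedly run with a password switch against the listed file types. The log record layout, the process image names and the threshold of three files are assumptions, and the sample events are constructed.

```python
import ntpath
import re
import shlex
from collections import defaultdict

# File types the article lists as the ransomware's search targets.
TARGET_EXTS = {".doc", ".txt", ".dat", ".xml", ".xls", ".pst", ".docx"}
# Assumption: the archiver runs as its own process under one of these names.
RAR_IMAGES = {"rar.exe", "winrar.exe"}
# RAR password switches: -p<pwd> and -hp<pwd>; "-p-" means "no password".
PASSWORD_SWITCH = re.compile(r"^-h?p(?!-$).+", re.IGNORECASE)

# Constructed process-creation records: (host, image name, command line).
SAMPLE_EVENTS = [
    ("SRV01", "rar.exe", r'rar.exe a -hpEXAMPLE C:\data\q1.docx.rar C:\data\q1.docx'),
    ("SRV01", "rar.exe", r'rar.exe a -hpEXAMPLE "C:\Shared Docs\budget.xls.rar" "C:\Shared Docs\budget.xls"'),
    ("SRV01", "rar.exe", r'rar.exe a -hpEXAMPLE C:\mail\archive.pst.rar C:\mail\archive.pst'),
    ("SRV01", "notepad.exe", r'notepad.exe C:\data\readme.txt'),
    ("WKS07", "rar.exe", r'rar.exe a -pEXAMPLE C:\Users\a\notes.rar C:\Users\a\notes.txt'),
    ("SRV02", "rar.exe", r'rar.exe a C:\backup\specs.rar C:\eng\specs.doc'),
    ("SRV02", "rar.exe", r'rar.exe x -pEXAMPLE C:\backup\old.rar C:\restore'),
]

def password_archive_hits(events):
    """Map host -> source files of targeted types added to a password-protected RAR."""
    hits = defaultdict(set)
    for host, image, cmdline in events:
        if image.lower() not in RAR_IMAGES:
            continue
        # posix=False keeps Windows backslashes intact; drop the executable token.
        tokens = [t.strip('"') for t in shlex.split(cmdline, posix=False)][1:]
        switches = [t for t in tokens if t.startswith("-")]
        operands = [t for t in tokens if not t.startswith("-")]
        # Expect: command "a" (add), archive name, then one or more input files.
        if len(operands) < 3 or operands[0].lower() != "a":
            continue
        if not any(PASSWORD_SWITCH.match(s) for s in switches):
            continue
        for src in operands[2:]:
            if ntpath.splitext(src)[1].lower() in TARGET_EXTS:
                hits[host].add(src.lower())
    return dict(hits)

def flagged_hosts(events, threshold=3):
    """Hosts where at least `threshold` distinct targeted files were password-archived."""
    hits = password_archive_hits(events)
    return sorted(h for h, files in hits.items() if len(files) >= threshold)

if __name__ == "__main__":
    print(flagged_hosts(SAMPLE_EVENTS))
```

A single password-protected archive, as on the constructed WKS07 host, is ordinary administrative activity; the signal is the volume of targeted document types on one machine.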
Further, the ransomware drops the "Screen Locker," which states the ransom amount while blocking the computer from operating. The ransomware demands USD 500 to be paid within 24 hours, or else USD 1,000 within 48 hours. And because the encryption used is the Advanced Encryption Standard (AES), the chances that the password will be cracked are low.
In conclusion, malware analysts and security specialists strongly advise users never to pay the sum the ransomware demands, and instead to use legitimate malware-removal software to remove the ACCDFISA malware from their infected PCs.
» SPAMfighter News - 19-04-2012