New Ransomware Scam Accuses Victims of Copyright Violation
Roman Hussy, a security expert from Switzerland who runs the Zeus monitoring website and its parallel site SpyEye Tracker, has discovered a piece of ransomware: malware that locks PCs and then demands money from their owners in return for giving back control of the systems, after alleging that the owners had breached copyright. Pcworld.com published this on May 7, 2012.
Hussy, creator of the abuse.ch blog, published a screenshot online showing the ransomware displaying the logos of the Performing Right Society, a UK copyright collection institution that manages collective rights for musical works.
The screenshot showed an alert that falsely claimed copyright-protected content had been detected on the victim's PC and had been moved to an encrypted directory to prevent further damage.
The alert also told the victim that to free his computer and to avoid other legal consequences, he must pay 50 pounds (USD80). To pay the ransom, he could use PaySafeCard, a prepaid payment card system available all over Europe and in the USA.
On his personal website, Hussy wrote that the scam artists even provided details on where a PaySafeCard could be bought.
In the ransomware's most recent edition, a Black-Hole attack toolkit hosted on the compromised pampa04.com website was used to distribute the malware. If the victim's PC had out-of-date Java software, the downloaded Java Archive (JAR) file, reportedly named Edu-jar, triggered the download of the Trojan, which ended in the infection of the target PC.
Hussy blogged on May 6, 2012 that the Trojan's detection rate across VirusTotal's engines was 4/42.
Importantly, the ransomware is made worse by an additional malicious payload, the bot Aldi, which steals Internet-banking credentials just as the SpyEye and ZeuS Trojans do. Furthermore, Aldi can be used to carry out Distributed Denial of Service (DDoS) attacks, Abuse.ch states.
The website also states that the ransomware struck users in Switzerland, Germany, France, Britain and Austria, followed by the Netherlands.
Hussy therefore advises people to keep their operating system and other software, particularly browser plug-ins, up to date to avoid ransomware infections.
» SPAMfighter News - 14-05-2012