Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Encryption Malware Increasingly Infecting PCs in Spain and France

Dr. Web the Russian anti-virus firm is reporting one currently circulating massive malware campaign that is distributing Trojan.ArchiveLock a malicious encryption program known to infect computers outside Russia. The countries increasingly affected are Spain and France.

It is evident that the Trojan.ArchiveLock encrypts files by utilizing WinRAR the archiver. Cyber-criminals while distributing it leverage one brute force assault against target PCs through Remote Desktop Protocol. And immediately after establishing a linkage with the affected computer, they install the malicious program which replicates the encryption code and pastes it onto any system folder of the compromised machine.

Thereafter, Trojan.ArchiveLock.20 makes a file list intended for encryption, cleanses the Recycle Folder as well as erases all backup contents that may be on the PC. Utilizing the WinRAR's console version, the Trojan adds files and folders from the mentioned list onto archives that are password-protected as well as self-extracting, while uses one unusual functionary for erasing previously existing files that then become non-retrieval.

Following this, it (Trojan.ArchiveLock.20) shows a lengthy missive to the victim elucidating on the situation while stating that a password (as long as 50 characters) costing $5,000 can be obtained which will unlock the archives. The lengthy missive as well suggests that the user should ask for technical support. Moreover, it blames him apparently for spamming illegitimate websites, with child porn been also spotted on his PC. And since this is a legal violation that causes hazards to other computer operators it has been necessary to block the functioning of his desktop, the message adds.

Meanwhile, security specialists from Dr. Web state that the Trojan has, since 48-hrs past, compromised numerous computers in France and Spain. According to them, the firm has received huge bunches of requests in which users complain of the Trojan.ArchiveLock.20 encrypting their files, with similar requests still coming in. Help Net Security published this dated March 14, 2013.

The specialists consequently advise end-users that they should overlook the missive, be careful to not pay the ransom asked for, leave all files undeleted, not install the OS afresh, rather run an updated anti-virus solution and cleanse the malware.

Related article: Encryption Technology Enhances Protection of Data

ยป SPAMfighter News - 19-03-2013

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next