Ransomware Trojan Asks for $300 for Giving User Data Back
A new type of Sinowal.FY has been revealed. This deadly code infects the user's files making it inaccessible for him and demands a ransom for providing a tool to decipher the files and decryption key.
When Sinowal.FY is loaded on the system, it exploits each and every document on the hard disk and creates a file called "read_me.txt" with the demand of the kidnapper. To be precise, the file contains a textual message demanding $300 ransom for recovering the files.
According to the reports of the Pcworld on July 17, 2007, the text file contains the ransom note and it goes like - user's files are infected with RSA-4096 algorithm. And it will take a few years to get rid of this infection without the culprit's software. All personal information of past three months has been with the culprits. To decrypt the PC, user has to purchase the software, which costs $300.
The greed for money also forces them to fix a deadline, which demands money within a specific time period, the failure of which will lead to the loss of data. But this is not true, as the encrypted material stays in the system itself.
Interestingly, this type of kidnap is not at all new. The PGPCoder family of trojans has a huge record of ransomware and has also known for making its technique more difficult to break. Ransom.A threatened to eliminate a file within every half an hour but demands a comparatively lower ransom rate of $10.99. On the other hand, one of the oddest worms, Arhiveus.A, did not demand any money, but asks them to purchase products from a particular drugstore.
Senior virus analyst with Moscow-based Kaspersky Lab Inc, Albert Gostev, said that ransomware was last found in 2006 and it has again seen extorting US$ 300 from users whose files the malware has infected, as reported by Pcworld on July 17, 2007.
The hit list contains some of the largest companies, like satellite network provider Hughes Network Systems, Booz Allen Hamilton, defense contractor L-3 Communications, computer services company Unisys Corp., computer maker Hewlett-Packer Co.
Related article: Ransomware May Soon Target Mac Computers
» SPAMfighter News - 27-07-2007