Trojans Attack For Ransom

Security experts have rated a 30 percent occurrence to the practice of holding personal data to ransom. The occurrence of ransomware first appeared in early 2004 touching a peak in the second quarter of 2006.

A typical ransomware attack comprises the following steps. First the criminal victimizes a computer by a worm or Trojan and takes control over it to grab a slew of data files. Then he encrypts those files so that the owner loses access over them. Later the attacker notifies the victim though an e-mail demanding a ransom to unencrypt the frozen files.

According to Graham Cluley, senior technology consultant at Sophos, most of the viruses and Trojan horses written today were with the sole intention to make money and it wouldn't be surprising to find that much more ransomware will be authored in future.

The first ransomware appeared in March with the Zippo.A Trojan horse. It searches for Word document files, databases and spreadsheets and shifts them to a password locked and encrypted ZIP file. Then it makes another file informing the user that he needs to pay $300 to retrieve those files. Later in April this year the Troj/Ransom-A was spotted that threatened the user every 30 minutes that it would delete a particular file until the user paid a $10.99 ransom.

Security experts warn about a new Trojan called Dloadr.AMA that arrives with an e-mail claiming to come from a company called 'Cihost' that misinforms the recipient that his credit card has been charged over 125 pounds. The mail has the subject line: '[paycheck 322082] Credit Card Chargeback'. Further if e-mail, which comes with attachment called PAYCHECK.ZIP is opened, it installs a Trojan that will download many other malicious code from the Internet.

As measures of safety against these types of threats, it is necessary to have a good, up-to-date anti-virus installed. Downloading files from P2P networks or opening unsolicited e-mail messages act as principal channels for spreading these malware. Thus caution is required. Moreover, frequent back-up copies of vital files should be maintained so that they can be recovered in case the computer is affected.

Related article: Trojans to Target VoIP in 2006

» SPAMfighter News - 9/1/2006