Sponsor for PC Pals Forum

Author Topic: Trojan holds computer files to ransom  (Read 696 times)

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Trojan holds computer files to ransom
« on: May 25, 2005, 16:23 »
14:15 25 May 2005
New Scientist

Security experts warned on Tuesday of a new type of threat to computer users called ?ransom-ware? - malicious code which tries to extort money from users by encoding files on their machines and holding them to ransom.

The new exploit was discovered by San Diego-based company Websense when a corporate client received a demand for $200 for the digital keys to unlock their data.

The malicious code was traced back to a corrupted website. It took advantage of a vulnerability in the victim?s web browser, which allowed the code embedded in the website to run automatically on the user?s PC.

Once it has infected a computer, the program - a type of Trojan called Pgpcoder - searches the victim?s hard drive for 15 common file types to encode, including Word, Excel documents and stored web pages.

Electronic extortion
A note then appears on the victim?s screen demanding money for the decoder, with details of an electronic account and a contact email address. ?It?s just another version of extortion,? says Dan Hubbard, director of security and defence at Websense. But the attack appears to be isolated and fortunately the encoding algorithm was not particularly sophisticated, he adds.

After studying the algorithm, Joe Stewart, a computer security consultant with Chicago-based Lurhq, was quickly able to reverse-engineer it and build a decoder to recover the data. He says it was trivial to decode, although the Trojan?s name - Pgpcoder - misleadingly suggests it harnesses the extremely secure encryption software, PGP.

But the danger now is that, instead of using easily decodable algorithms, virus writers might turn to military-grade encryption systems instead. ?It would be all but impossible to decrypt the files,? says Stewart. This in itself may be terrifying enough to cause some people to pay up.

http://www.newscientist.com/article.ns?id=dn7426


Show unread posts since last visit.
Sponsor for PC Pals Forum