Trojan horse: Your money or your files

By Joris Evers
Staff Writer, CNET News

Print
E-mail
Share

Related Stories: Security tool aims to stop drive-by installs
April 28, 2006; BBC stories used as bait for IE exploit
March 30, 2006; Trojan Cryzip extorts decryption fee
March 14, 2006; Miscreants encrypt files, hold them for ransom
May 24, 2005

In another example of "ransomware," a new Trojan horse threatens to delete files unless the victim pays up, security experts have warned.

When activated, the Trojan horse, dubbed Ransom-A by antivirus company Sophos, displays some explicit images. It then shows an expletive message that demands a $10.99 payment, or it will delete one file every 30 minutes, security experts at SophosLabs said in a statement published Friday.

"This Trojan horse is designed to take your data hostage and tries to scare users into paying up quickly by threatening to wipe files one-by-one," Graham Cluley, senior technology consultant at Sophos, said in the statement.

The Trojan asks for payment via the Western Union money transfer service and promises delivery of a special disarming code after the ransom is paid, Sophos said.

This is the second example of malicious software that seeks to extort money in as many months. In March, a Trojan horse that encrypts victims' files and demands a $300 payment to have them decrypted and unlocked made the rounds. A similar attack was spotted in May of last year.

"Our concern is that this may be the beginning of a growing trend of malware designed to extort money," Cluley said.

Sophos recommends that people make backups of their data and run updated security software for protection against pests such as these ransom-demanding Trojans. As a general rule, Internet users should be cautious when opening e-mail attachments and surfing untrusted Web sites.

See more CNET content tagged:
trojan horse, Sophos Plc., Graham Cluley, victim, payment

Add a Comment (Log in or register) 16 comments

What is Western Union doing?

by grangerfx April 28, 2006 6:07 PM PDT

I am surprised that the author of this story did not contact Western Union to find out if they will prevent the money from getting to the criminals in this case and what they are doing to prevent this sort of thing from happening in the future.

Reply to this comment

How would they know?
by GEBERWEIN April 29, 2006 6:03 AM PDT: Unless the person sending the money told the local Western Union associated vendor what the cash was for, how would they know? It's not like the victim is gonna' tell everyone about the ransom - most extortion victims, fearing retribution, don't tell anyone; even the police. But, if they do tell police then Western Union should be cooperating with the law by revealing their records of the transaction.

Easy to avoid this nonsense

by Bill Dautrive April 29, 2006 12:33 PM PDT

1. Do not use Windows, problem solved
a. If you must use windows, don't be stupid. Do all the things that windows users must do to be sort of secure, run lots of third party security apps, don't use IE, ect.
b. If you are stupid, keep everything backed up and wipe your disk and reinstall windows when you "mistakenly" download a trojan.
c. Rinse and repeat

Reply to this comment

Why Stop There
by PzkwVIb April 30, 2006 10:06 AM PDT: Don't use a computer and you will have nothing to worry about. Idiotic *nix evalengests are always quick to point out that Windows is unsecure. Gusee what chuckles, the average user doesn't want to put the time into learning the ins and outs of *nix, so they are stuck with something easier to learn, like Windows or MACs and most of them are incapable of writing their own software, so they are stuck with commercialy available software, that is easy to install. That leaves out *nix and Macs both because of available variety and (dis)ease of installation. Until that changes the average user will use Windows. Get used to it!; View reply
Processing

Why Stop There
by PzkwVIb April 30, 2006 10:06 AM PDT: Don't use a computer and you will have nothing to worry about. Idiotic *nix evalengests are always quick to point out that Windows is unsecure. Guess what chuckles, the average user doesn't want to put the time into learning the ins and outs of *nix, so they are stuck with something easier to learn, like Windows or MACs and most of them are incapable of writing their own software, so they are stuck with commercialy available software, that is easy to install. That leaves out *nix and Macs both because of available variety and (dis)ease of installation. Until that changes the average user will use Windows. Get used to it!

Educate the less knowledgable, not bash them with your superiority complex
by thanhvn May 1, 2006 12:47 AM PDT: Let me see: do you build your own house? do you fix your own car? do you grow your own food? do you tailor your own clothes? do you record your own entertainment? do you ... ? Of course not. Not very many of us can afford to be knowledgable in more than a few areas. So, for the vast majority of people out there, computer technology is an area that they are not knowledgable in, so blaming them for being "stupid", for doing something they should know better than, is both non-constructive and arrogant. It's unfortunate that while Windows is easier to use than Unix (and flavors), it is also inherently less secure. What we should do is educate these people to be more knowledgable instead of bashing their ignorance. I'm sure there are a lot of areas in life where you're ignorant at, and how would you like it if people knowledgable in those fields start calling you stupid?; View reply
Processing

can't just change to *nix

by kaufmanmoore April 29, 2006 5:07 PM PDT

The idea that just chaninging to a *nix based OS and you'll be ok is deeply flawed. Any system has vulnerabilities and as *nix based systems get more popular more vulnerabilities will be found and exploited. Changing to a *nix based OS will make you less vulnerable, but u will still need antivirus and firewall software (and soon enough antispyware will become a necessity).

Reply to this comment

Not true
by Aepervius April 30, 2006 7:20 AM PDT: The statement that popularity goes in parallel to attack is simply not true. On the web server business for example open source has as much market share than microsoft. Despite that you see much more attack geared toward IIS and more recent microsoft offering (and it is closed source!).

The simple truth is that microsoft is unsecure; deeply, profundely, from design insecure. And developper forcing the user to run as admin, to install and run their software do not help. Mind you *nix, *nux have their fault, and are not devoid of vulnerability, and are certainly less user friendly.

The bottom line is that it is easier to make a trojan for an vulnerable designed closed source OS, than for a stronger secured open source one.; View reply
Processing

Factualy incorrect.
by Aepervius April 30, 2006 7:22 AM PDT: The statement that popularity goes in parallel to attack is simply not true. On the web server business for example open source has as much market share than microsoft. Despite that you see much more attack geared toward IIS and more recent microsoft offering (and it is closed source!).

The simple truth is that microsoft is unsecure; deeply, profundely, from design insecure. And developper forcing the user to run as admin, to install and run their software do not help. Mind you *nix, *nux have their fault, and are not devoid of vulnerability, and are certainly less user friendly.

The bottom line is that it is easier to make a trojan for an vulnerable designed closed source OS, than for a stronger secured open source one.; View reply
Processing

Soon this will become a fad or maybe it won't.

by OneWithTech April 29, 2006 5:34 PM PDT

I like to reference the WWW as the Ultimate Digital Autobahn. No rules, no regulations, only the ability to do whatever you want, when you want, without evident reprocusions in any manner.

Wait, even the Autobahn has rules! No wonder why we can drive like a "bat out of hell" and still live to tell about it. There's rules and regulation to driving on the Autobahn even though you can enjoy a cruze in a Lambo at 150.

Mabey Congress should look at the Audobahn and what is represents before making some rash decisions that will decide the fait of the internet as we know it.

How ironic that a bunch of Congressman think they know enough about technology to do something about it. I bet if I came up with with a questionare, 20 questions about general technology, that 90% of you on the hill would only score a 6 at best.

With that said, how do you plan on ensuring a Bill that would allow freedom on the Web and punish those that abuse it. Wait, I know how!

You have people like Microsoft, Google, Sun, and Apple breating down your necks with some green stuff telling you what you want to here while ensuring that your views are steering a direction to there liking.

Unfortunately for me, I can't afford to be up there in Capitol Hill because if I was, you'd get a clear understading of the web in it's current fashion. From someone that has something to lose when it comes to NET Neutrality as well as ISP snooping.

Until there is some ordered restored on the Net it will continue to be subject to people like the ones that created this Trojan Horse. I don't forsee it getting better either while those that decide the Nets fait are continually tossed by the Bill Gates of this world.

~Justin

Reply to this comment

Not strictly true...........
by CatNet May 5, 2006 11:58 AM PDT: The speed limit on the Autobahn is 130kmh. The nice man with blue lights let me know that...........

What about Mac's new virus....
by mrpeabody3119 May 1, 2006 8:59 AM PDT: http://www.cnn.com/2006/TECH/04/30/apple.security.ap/index.html; Reply to this comment

Latest tech news headlines

Q&A: What's ahead for Visual Studio and .Net
Posted in News - Business Tech by Adrian Bridgwater

November 22, 2008 6:10 AM PST
Lifestreaming in Obamaland
Posted in Outside the Lines by Dan Farber

November 21, 2008 11:59 PM PST
Judge orders Ballmer to testify in Vista suit
Posted in Beyond Binary by Ina Fried

November 21, 2008 7:35 PM PST
See all headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets: Market news, charts, SEC filings, and more; Related quotes; Dow Jones Industrials (6.54%) 494.13 8,046.42; S&P 500 (6.32%) 47.59 800.03; NASDAQ (5.18%) 68.23 1,384.35; CNET TECH (5.95%) 56.25 1,002.00

Inside CNET News

Scroll Left Scroll Right

Business Tech
Q&A: What's ahead for Visual Studio and .Net
Microsoft's Jason Zander and Matt Carter talk tools and set out the company's manifesto for data democracy.
Gallery
Photos: Gadgets we're thankful for, Part 1
Military Tech
Army backs Hydrogen Highway
US Army has awarded a $1.8 million contract to develop hydrogen filling stations.
Outside the Lines
Lifestreaming in Obamaland
The technologies that helped Obama reach the White House are going to make the president-elect's life more transparent and scrutinized than any previous White House occupant.
Video
The BlackBerry Storm touches down
Digital Media
MySpace Music to name Courtney Holt chief next week
The lengthy CEO search at MySpace Music is finally coming to an end. Now let's see what the new guy can do against Apple.
Video
SF Bay Area plugs in
Politics and Law
The key to innovation: Privately owned fiber?
A paper released by the New America Foundation proposes encouraging consumers to purchase their own fiber lines.
Cutting Edge
Water ice glaciers spotted on Mars
NASA scientists find what they believe are huge water ice glaciers sitting just beneath the Martian surface.
Gallery
Photos: Top-rated reviews of the week
Crave
This week in Crave
Didn't have time to follow Crave this week? Here's what you need to know to be the belle of the gadget ball.
Green Tech
Google crunches numbers on clean-energy policy
Search giant pressures policy makers with an analysis arguing that government and business can clean the U.S. energy supply while stimulating the economy.