New ‘ransomware’ virus at large

A new type of virus that encrypts documents and demands a ransom to get them back is circulating on the internet.

A new type of virus that encrypts documents and demands a ransom to get them back is circulating on the internet.
 
The Trojan horse virus encrypts the contents of a user's Word documents, databases or spreadsheets, and then leaves a file demanding $300 for the password to access the information, according to security company Sophos. Victims are directed to transfer money to accounts run by a company that runs a money transfer site.

So far, it's unclear how the virus is spreading. It’s not been widely sent via spam email and is likely to have been embedded in a web page and spread through a so-called drive-by install.

The password to unlock the data is actually contained in the Trojan and is used in the process of encrypting the files. But after encrypting the data, the Trojan deletes itself. Technicians at Sophos extracted the password, which is made to look like a file path name - C:Program FilesMicrosoft Visual StudioVC98.

As if the threat of a ransom to get your documents back is not enough, the real worry here is how this virus is being circulated. Users are conditioned not to open spammed emails – now the virus writers are once again a step ahead.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Antivirus, firewall and IDS products

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close