A new type of virus that encrypts documents and demands a ransom to get them back is circulating on the internet.
The Trojan horse virus encrypts the contents of a user's Word documents, databases or spreadsheets, and then leaves a file demanding $300 for the password to access the information, according to security company Sophos. Victims are directed to transfer money to accounts run by a company that runs a money transfer site.
So far, it's unclear how the virus is spreading. It’s not been widely sent via spam email and is likely to have been embedded in a web page and spread through a so-called drive-by install.
The password to unlock the data is actually contained in the Trojan and is used in the process of encrypting the files. But after encrypting the data, the Trojan deletes itself. Technicians at Sophos extracted the password, which is made to look like a file path name - C:Program FilesMicrosoft Visual StudioVC98.
As if the threat of a ransom to get your documents back is not enough, the real worry here is how this virus is being circulated. Users are conditioned not to open spammed emails – now the virus writers are once again a step ahead.