Just another Virus

  • Just another Virus

    Now they're really getting clever

    The latest threat to computer users doesn't destroy data or steal passwords--it locks up a person's electronic documents, effectively holding them hostage, and demands $200 over the Internet to get them back.

    Security researchers at San Diego-based Websense Inc. uncovered the unusual extortion plot when a corporate customer they would not identify fell victim to the infection, which encrypted files that included documents, photographs and spreadsheets.

    A ransom note left behind included an e-mail address, and the attacker using the address later demanded $200 for the digital keys to unlock the files.

    "This is equivalent to someone coming into your home, putting your valuables in a safe and not telling you the combination," said Oliver Friedrichs, a security manager for Symantec Corp. The company said Tuesday that the problem was serious but not deemed a high-level threat because there were no indications it was widespread.

    The FBI said the scheme was unlike other Internet extortion crimes. Leading security and antivirus firms this week were updating protective software for companies and consumers to guard against this type of attack, dubbed "ransom-ware."

    "This seems fully malicious," said Joe Stewart, a researcher at Chicago-based Lurhq Corp. who studied the attack software. Stewart managed to unlock the infected computer files without paying the extortion, but he worries that improved versions might be more difficult to overcome. Internet attacks commonly become more effective as they evolve over time and hackers learn to avoid the mistakes of earlier infections.

    "You would have to pay the guy, or law enforcement would have to get his key to unencrypt the files," Stewart said.

    The latest danger adds to the risks facing beleaguered Internet users, who must increasingly deal with categories of threats that include spyware, viruses, worms, phishing e-mail fraud and denial of service attacks.

    In the recent case, computer users could be infected by viewing a vandalized Web site with vulnerable Internet browser software. The infection locked up at least 15 types of data files and left behind a note with instructions to send e-mail to a particular address to purchase unlocking keys. In an e-mail reply, the hacker demanded $200 be wired to an Internet banking account.

    "I send programm to your email," the hacker wrote.

    There was no reply to e-mails sent to that address Monday by The Associated Press.

    Ed Stroz, a former FBI agent who now investigates computer crimes for corporations, said the relatively cheap ransom demand--only $200--probably was deliberately low to encourage victims to pay rather than call police and to discourage law enforcement from assigning these cases a high priority.

    "That's a very powerful threat," Stroz said. "If somebody encrypted your files, you need this stuff now to do your work."

    FBI spokesman Paul Bresson said more familiar Internet extortion schemes involve hackers demanding tens of thousands of dollars and threatening to attack commercial Web sites, interfering with sales or stealing customer data.

    Experts said the Web site where the infection originally spread had already been shut down. They also said the hacker's demand for payment might be his weakness, since bank transactions can be traced easily.

    "The problem is getting away with it--you've got to send the money somewhere," Stewart said. "If it involves some sort of monetary transaction, it's far easier to trace than an e-mail account."

    As I was reading, I was thinking about the tracing-the-money issue. If you could have it transferred out of the country...

    All this from just viewing a web site. Scary stuff.
    It's almost as if all his overconfident, absolutist assertions were spoonfed to him by a trusted website or subreddit. Sheeple
    RIP Tony Bogey & Baron O

  • #2
    Of course the money transfer would have to be out of the US, but the US has a lot of leverage over most foreign banks (want to be able to transact electronic business with any US bank, ever?), and I'm sure there are tons of legal requirements and regulatory protocols for moving electronic transfers.
    When all else fails, blame brown people. | Hire a teen, while they still know it all. | Trump-Palin 2016. "You're fired." "I quit."

    • #3
      Any chance of the mods getting their banning rods held for ransom? :hope:
      Long time member @ Apolyton
      Civilization player since the dawn of time

      • #4
        While I agree that most would cooperate, it only takes finding a few that won't.

        But besides that, what if they start asking for the ole bag drop, and sending you the codes only after they know they've gotten away? As a company, do you risk never getting the codes? What's your data worth? It might be enough that you just pay rather than risking that the authorities will screw it up.
        It's almost as if all his overconfident, absolutist assertions were spoonfed to him by a trusted website or subreddit. Sheeple
        RIP Tony Bogey & Baron O

        • #5
          I send programm to your PM.

          Give me 400USD.

          • #6
            Only feebs vote.

            • #7
              Security researchers at San Diego-based Websense Inc.
              I despise websense more than any virus.
              Call to Power 2: Apolyton Edition - download the latest version (12th June 2011)
              CtP2 AE Wiki & Modding Reference
              One way to compile the CtP2 Source Code.

              • #8
                why?
                Long time member @ Apolyton
                Civilization player since the dawn of time

                • #9
                  It stops me watching porn at work.
                  Call to Power 2: Apolyton Edition - download the latest version (12th June 2011)
                  CtP2 AE Wiki & Modding Reference
                  One way to compile the CtP2 Source Code.

                  • #10
                    Long time member @ Apolyton
                    Civilization player since the dawn of time

                    • #11
                      Originally posted by rah
                      While I agree that most would cooperate, it only takes finding a few that won't.

                      But besides that, what if they start asking for the ole bag drop, and sending you the codes only after they know they've gotten away? As a company, do you risk never getting the codes? What's your data worth? It might be enough that you just pay rather than risking that the authorities will screw it up.
                      The few that wouldn't cooperate would have a tough time not receiving funds by or through US banks or clearinghouses.

                      If you're looking at this as an enterprise level threat, that's much less likely to be a problem unless the IT security nazis are a bunch of slackers.

                      For individuals, it could be a pain if they don't have backup copies of stuff, but again, if the individual user doesn't secure his computer with what's easily available, and doesn't back up his files, how valuable can anything be on that user's computer? Aunt Gladys's meatloaf recipe might have sentimental value, but so what?
                      When all else fails, blame brown people. | Hire a teen, while they still know it all. | Trump-Palin 2016. "You're fired." "I quit."

                      • #12
                        Honestly, the virus? Leaving a calling card like that?

                        It's almost as stupid as this:
                        B♭3

                        • #13
                          While I generally agree with you, Michael, there are plenty of mid-sized companies that have crap for security, or smaller companies where their entire infrastructure department is one guy.
                          Especially for laptops that are used in the field. Most non-technical people can't be counted on observing even some of the most simple procedures until they've been burned a few times.
                          It's almost as if all his overconfident, absolutist assertions were spoonfed to him by a trusted website or subreddit. Sheeple
                          RIP Tony Bogey & Baron O

                          • #14
                            Think of it as a new form of security.
                            When all else fails, blame brown people. | Hire a teen, while they still know it all. | Trump-Palin 2016. "You're fired." "I quit."

                            • #15
                              It could also be a great marketing angle:

                              "If you weren't such a fooking moron about securing your computer and the data in it, you wouldn't have gotten this virus. Now that you have, try Aleksandrovich's Anti-Virus one day demo version for only $199.95"
                              When all else fails, blame brown people. | Hire a teen, while they still know it all. | Trump-Palin 2016. "You're fired." "I quit."
