Ransom Trojan Uses Cryptography for Malicious Purpose

Every day millions of people go online to find information, to do business, to have a good time. Alas, some people go there to commit crimes as well. Though crimes have been committed via the Internet almost from its very launch, now cybercriminals have become dangerous as never before.

We've been warned lots of times about stealing data -- identity theft, phishing scams and pharming; we have at least heard of denial-of-service attacks and "zombie" computers, and now one more type of online attack has emerged: holding data for ransom. Extortionists remotely encrypt somebody's files and then demand money for the key to decode the information.

Experts say it is not yet a tendency; websites that used to infect users with the Trojan, have been put down. Besides, this program, Trojan.Pgpcoder, exploits a vulnerability in Microsoft Internet Explorer, which users should have patched as long ago as last July. However, there is no guarantee that such attacks won't appear in future, and all PCs will be patched at that time.

Websense, the San Diego-based Web security company, was the first to report such a case two weeks ago, when its customer fell victim to the attack.

Researchers at Symantec also have seen the malicious program used in the ransom attack. Oliver Friedrichs, a senior manager at Symantec Security Response said that attackers could use a website, email, or other means to distribute the Trojan.Pgpcoder and launch a widespread extortion campaign.

When the user visits a malicious website, his unpatched PC gets infected with a Trojan Horse (downloader-aag). This Trojan Horse downloader connects to another website, downloads the encoding application, and runs it.

The malicious encoding program searches for 15 common file types, including images and Microsoft Office files on the computer and encrypts them, and deletes the original files.

Then it creates a file with a ransom note called “Attention!!!”, where demands $200 for a tool needed to decrypt the files.

However, there is a weak spot in the attackers' scheme. It is possible to trace the money and to catch the extortionists when they try to collect the ransom. Maybe, it will prevent this kind of cybercrime from spreading.

Time will show whether we see this Trojan attack again or something similar appears and there will be a real need for a name for such type of Trojans -- how do you like "ransomware"? I have already seen this word used, but let's hope for the best.

Anyway, it is always wise of users to keep anti-virus and security software up-to-date and back up data. Just to be on the safe side.

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various solutions for information security.

Learn more -- visit the company's website http://www.anti-keyloggers.com

Daily Nation

Kenyan security forces kill militia commander: police AFP - 9 hours ago NAIROBI (AFP) — Kenyan security forces killed a militia commander,one of the most wanted rebel figures in the country, and four other fighters in a gun ... Charge top security men over torture, demands rights team Daily Nation Kenya: Claims of Torture By Army And Militia, As Food Shortages ... AllAfrica.com Rights commission requests torture probe United Press International Voice of America - Daily Nation all 53 news articles

KAUZ

Texas officials sue US over border fence The Associated Press - 3 hours ago WASHINGTON (AP) — Texas mayors and business leaders filed a class-action lawsuit Friday alleging Homeland Security Secretary Michael Chertoff hoodwinked ... Texas mayors, business leaderss sue federal government over border ... International Herald Tribune Texas cities sue to stop border fence Arizona Republic Some worry about border fence's ecological impact Houston Chronicle San Diego Union Tribune - guardian.co.uk all 304 news articles

US. to triple grants for Md. port security Baltimore Sun, United States - 3 hours ago By Matthew Hay Brown and Laura McCandlish | Sun reporters The federal government will more than triple its grant funding this year for port security in ... St. Louis City to manage $2.6M for port security Bizjournals.com DHS announces IPA grants Middle East Times all 11 news articles

Enews 2.0

Iowa: Lawsuit Filed Over Raid New York Times, United States - 1 hour ago The charges include accusations of aggravated identity theft, falsely using a Social Security number, illegally re-entering the United States after being ... Video: ICE Agents Raid Meat Packing Plant AssociatedPress Paying the Price of the Immigration Crackdown IRC's Americas Program Lawsuit: Immigration raid violated workers' rights The Associated Press The NarcoSphere - WHO-TV all 926 news articles

Alalam News Network

Major Powers Finish Nuclear Incentives Offer for Iran Voice of America - 7 hours ago Officials here say the permanent UN Security Council member countries and Germany, the P-5+1, have finished the details of a revised incentive package and ... Tehran hands proposals to Russia, China on nuclear security - 2 RIA Novosti Iran calls UN Security Council sanctions illegal, proposes new talks International Herald Tribune Iran Calls UN Sanctions Illegal Fars News Agency ISNA - United Press International all 192 news articles

Gulf Times

Missing guards in Cabuyao bank heist under custody ABS CBN News, Philippines - 11 hours ago The two missing security guards employed at the bank where a deadly robbery incident occurred Friday are now under custody. Police said one of the security ... Thieves loot Philippine bank after killing 7 bank employees and a ... RTT News 8 killed in Philippine bank robbery, mostly bank employees International Herald Tribune 9 executed in bank robbery Sun.Star Scotsman - guardian.co.uk all 263 news articles

Voice of America

Security Council wants UN peacekeepers in Somalia The Associated Press - May 15, 2008 UNITED NATIONS (AP) — The Security Council unanimously approved a resolution on Thursday calling for a UN political presence in conflict-wracked Somalia for ... UN Security Council Supports Possible Peacekeepers for Somalia Voice of America Security Council express strong support for Secretary-General's ... ReliefWeb (press release) Resolution urges UN Somalia force Aljazeera.net AFP - PR-Inside.com (Pressemitteilung) all 91 news articles

Verizon wins Homeland Security contract ZDNet - May 15, 2008 Verizon picked up a huge contract from the Department of Homeland Security: a $670 million deal to provide IP and security services over 10 years, ... Verizon and AT&T Win Homeland Security Contract RedOrbit Verizon land 10-year deal to unify DHS networks Register Verizon to supply Homeland Security TeleGeography FOXBusiness - Reuters all 187 news articles

'Foolproof' security for Jaipur match Hindustan Times, India - 33 minutes ago There will now be close to 3000 policemen in the stadium, alongside 500 security guards from a private agency. On the eve of the match, the only thing that ...

Hi-tech security system for crowded places soon Times of India, India - 6 hours ago The network would consist of a central command that would control the various subsystems assigned to a particular security parameter. ... Kapil Sibal unveils new technology to sanitize public places from ... Press Information Bureau (press release) all 5 news articles