RSSWant Your Data Back? Pay $200
By Ed Oswald | Published May 24, 2005, 12:49 PM
Hackers have found a new way to terrorize computer users - by finding your documents and putting a lock on them, refusing to remove it unless you pay $200.
The new ploy was discovered by WebSense, a San Diego based security firm. To get in, the hacker tricks a user into visiting a Web site that downloads a Trojan horse onto a victims machine. If executed, the Trojan searches for all text files on a user's computer and replaces the text with gibberish.
It will also create a textfile called "Attention!!" which contains instructions on how to unlock a file. "Decoder costs USD 200. Send USD 200 to e-gold account send message about it and I send programm to your e-mail," the file reads.
Security firms were quickly updating their antivirus software to prevent the scam from spreading further, which is being dubbed "ransom-ware." Several news organizations attempted to contact the trojan's author at the e-mail address provided in the textfile, however no answer was received as of Tuesday.
While the threat is new, antivirus firms said that the scam is not spreading, possibly due to more vigilant -- and more skeptical -- Internet users watching what they are downloading.
Ed Bott debunks most of the contents of this story. See http://www.edbott.com/weblog/archives/000717.html
Score: 0
All this talk about having to pay a ransom, having to update anti-virus, having to trace bank transactions, etc. would make a nice movie, but does anyone remember the highly advanced technology invented decades ago, which can defeat this new threat?
It's called backup. No, not the lame single-generation backups that most people do. I'm talking about a discliplined multi-generation backup which is rotated to off-site storage.
Backup...what a concept!
It's platform-independent.
It's vendor-neutral.
And it's fat-free.
Score: 0
Off site backup is insanely expensive. Most people are not going to spend hundreds of dollars to keep their resumes safe.
Score: 0
For SME the $500 or less to set up RAID 1 with three HDDs is a worthwhile investment. Your average home user obviously won't pay that much - but your average home user doesn't have that much of an investment in their data. (And if they do, then they need to back it up. It's just like buying a $50k car without insurance.)
Score: 0
RAID won't do crap for this if it was / is true.
The whole point of RAID is so you don't lose your data entirely. If you don't notice the files are missing for a couple days, your data has already been re-written on the other drives, and therefore is gone.
Score: 0
Hmm, last time I checked you could get blank CD and DVD media for far less than 20 cents each. The typical home user wouldn't need more. If they do, a removable hard drive would do the same for 100ish dollars.
Score: 0
You are exactly right. The cost of media these days and that every PC comes with a cd/dvd burner, it is cost effective. Why anyone would store this type of personal data on today's PCs is just asking for problems. I love 'em. $65/hr to help them out is OK.
Nothing is safe! Save or Lose! It is a choice.
Score: 0
Does this little troja thing work on Linux as well or just on windows ?
Score: 0
For the record, this problem is not widespread, the incidents appear isolated, and the original website has been shut down. Also, since this involves a bank transaction, this hacker is very likely to get caught.
Score: 0
That's when I tell the hackers to screw off. I have backups of my data, and I also don't have anything that I couldn't be without on my computer.
If I ever had to I could simply restore my computer from backup.
Screw off hackers. Only an idiot would pay the $200. Go get bent!
Score: 0
Not to mention a tool to unlock it will probasbly be available to download off the internet in no time...
Score: 0
and this is a rather irrational and ridiculous comment I know but I wish they would give this idiot the death penalty. Explanation is a menace and should be eliminated.
Score: 0
wouldn't that depend on how it's done?
if he tosses in a certificate, then puts it in NTFS encryption and removes the certificate from the computer, he would lock out that file pretty well, excluding backups... then sell you back the certificate that was used to encrypt the file...
granted the article talks about locking files, but could mean encryption as in locking out the user...
Score: 0
Death is too good for thses people. They should be forced to watch American Idol re-reuns whilst trying to install 3rd party apps in Linux!
Score: 0
Noooooooooooooooooooooooooooooooooooooo!!!
Anything but that.... ANYTHING!!!!
Score: 0
it already is. I will sell you the tool under a non-redistribution license = for a mere 50 bux. Be advised that the tool is machine aware and once it is downloaded a unique fingerprint is added to the downloaded file. it allows one use, opening or click on. futher, the fingerprint scambles the program should - upon clicking on it, your machine code doesnt match the fingerprinted one.
to get your copy, send a self addressed stamped envelope with cash only to:
Soyoureaph00l
13 mockingbird lane
chicago. ill. 60609
disclaimer: the above is just a joke, do not attempt to follow up on this or send your money to any addresses (unless you want to just give me money, in that case, leave it in small, unmarked non-sequential bills to the corner of broadway and manhattan in NY. Leave it in a big green bag with a $ on it LOL )
Score: 0
one word castration
Score: 0