Ransom Trojan Uses Cryptography for Malicious Purpose

Every day millions of people go online to find information, to do business, to have a good time. Alas, some people go there to commit crimes as well. Though crimes have been committed via the Internet almost from its very launch, now cybercriminals have become dangerous as never before.

We've been warned lots of times about stealing data -- identity theft, phishing scams and pharming; we have at least heard of denial-of-service attacks and "zombie" computers, and now one more type of online attack has emerged: holding data for ransom. Extortionists remotely encrypt somebody's files and then demand money for the key to decode the information.

Experts say it is not yet a tendency; websites that used to infect users with the Trojan, have been put down. Besides, this program, Trojan.Pgpcoder, exploits a vulnerability in Microsoft Internet Explorer, which users should have patched as long ago as last July. However, there is no guarantee that such attacks won't appear in future, and all PCs will be patched at that time.

Websense, the San Diego-based Web security company, was the first to report such a case two weeks ago, when its customer fell victim to the attack.

Researchers at Symantec also have seen the malicious program used in the ransom attack. Oliver Friedrichs, a senior manager at Symantec Security Response said that attackers could use a website, email, or other means to distribute the Trojan.Pgpcoder and launch a widespread extortion campaign.

When the user visits a malicious website, his unpatched PC gets infected with a Trojan Horse (downloader-aag). This Trojan Horse downloader connects to another website, downloads the encoding application, and runs it.

The malicious encoding program searches for 15 common file types, including images and Microsoft Office files on the computer and encrypts them, and deletes the original files.

Then it creates a file with a ransom note called “Attention!!!”, where demands $200 for a tool needed to decrypt the files.

However, there is a weak spot in the attackers' scheme. It is possible to trace the money and to catch the extortionists when they try to collect the ransom. Maybe, it will prevent this kind of cybercrime from spreading.

Time will show whether we see this Trojan attack again or something similar appears and there will be a real need for a name for such type of Trojans -- how do you like "ransomware"? I have already seen this word used, but let's hope for the best.

Anyway, it is always wise of users to keep anti-virus and security software up-to-date and back up data. Just to be on the safe side.

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various solutions for information security.

Learn more -- visit the company's websitehttp://www.anti-keyloggers.com

Daily Mail

Supreme Court rejects widow's claim in Social Security case Los Angeles Times (Mandel Ngan, AFP/Getty Images / May 22, 2012) By David G. Savage, Washington Bureau WASHINGTON — A widow who conceived a baby from the sperm of her late husband is not automatically entitled to Social Security survivors benefits to help raise the ... Supreme Court rules twins conceived posthumously can't get Social Security ...Washington Post Supreme Court limits Social Security for kids from frozen spermDenver Post Court: No Benefits For Kids Conceived After Dad DiedNPR Wall Street Journal (blog) -Examiner.com all 296 news articles »

Security beefed up at German magazine after threat Atlanta Journal Constitution By DAVID RISING AP BERLIN — Security has been stepped up for employees of a German magazine and for members of a small far-right party after a known terrorist called for them to be killed in a video online, officials said Tuesday. and more »

Washington Times

Afghans to Take Over Security Next Year, NATO Agrees New York Times CHICAGO — President Obama and leaders of America's NATO allies formally agreed on Monday to hand over the primary role in providing security in Afghanistan to the Afghans themselves next summer, beginning the end of the United States's involvement in ... NATO to turn over security to Afghans in yearWashington Times Obama confident Afghans can take security leadCBS News NATO Agrees On Afghan Security Transition In 2013San Antonio Express Gant Daily -International Business Times all 13,194 news articles »

Security company Kaspersky warns malware attacks on iOS will "mean disaster ... Computerworld (blog) Those who believe Apple doesn't take security as seriously as Microsoft have new fuel: the Kaspersky security company claims that because Apple won't allow companies to develop "true endpoint security" for iOS, iOS will become a malware target, ... Is iPatch Tuesday In Apple's Future?InformationWeek Kaspersky co-founder resorts to scaremongering over Apple's iOS antivirus banThe Next Web all 10 news articles »

Christian Science Monitor

In Afghanistan, NATO exit plan raises concerns about stability (+video) Christian Science Monitor NATO plans to transition security control to Afghan forces over the next two years, but many Afghans question their ability to hold the gains that have been made. By Tom A. Peter, Correspondent / May 21, 2012 Afghan National Army (ANA) soldiers prepare ... Humanitarian groups fear implications of Afghanistan security handoverThe Guardian (blog) NATO backs Afghan combat leadership planABC Online Afghan funding leaves NATO behindSydney Morning Herald Vancouver Sun -Sacramento Bee -STLtoday.com all 885 news articles »

PCI Compliance, Security Provider ControlScan and Merchant Services Provider ... MarketWatch (press release) ATLANTA, May 22, 2012 (BUSINESS WIRE) -- ControlScan, an expert provider of Payment Card Industry (PCI) Compliance and Security solutions for small to mid-sized merchants and the acquirers that serve them, today announced its partnership with New York ... and more »

Security hike at Long Beach High after shooting Newsday Nassau Newsday > Long Island > Nassau Print Aa Security hike at Long Beach High after shooting Published: May 22, 2012 6:59 AM By JOHN VALENTI john.valenti@newsday.com Heightened security measures were expected to be in effect at Long Beach High School ... and more »

Lattice Technology Praised by Law Enforcement Agencies for Investigative ... MarketWatch (press release) This will enable additional security and protection for the citizens of Rapid City and the surrounding area," Whelchel said. Lattice CEO Paul Burgess said, "Lattice is building an impressive reputation of providing high quality service and our superior ... and more »

Bob McDonnell's national security problem Washington Post And as a 21-year Army veteran, and the father of a daughter who served as a platoon leader in Iraq, he seemed to bring strong national security credentials to the GOP ticket. But now McDonnell's national security credentials have come into question, ... and more »

Veracode and Panel of Security Professionals to Lead Webinar on Mid-Market ... MarketWatch (press release) BURLINGTON, Mass., May 22, 2012 /PRNewswire via COMTEX/ -- Veracode, Inc., the leader in cloud-based application security testing, today announced details of the upcoming webinar, "Mid-Market Application Security -- Defend Like A Fortune 500...or ... and more »