Ransom Trojan Uses Cryptography for Malicious Purpose
Every day millions of people go online to find information, to do business, to have a good time. Alas, some people go there to commit crimes as well. Though crimes have been committed via the Internet almost from its very launch, now cybercriminals have become dangerous as never before.
We've been warned lots of times about stealing data -- identity theft, phishing scams and pharming; we have at least heard of denial-of-service attacks and "zombie" computers, and now one more type of online attack has emerged: holding data for ransom. Extortionists remotely encrypt somebody's files and then demand money for the key to decode the information.
Experts say it is not yet a tendency; websites that used to infect users with the Trojan, have been put down. Besides, this program, Trojan.Pgpcoder, exploits a vulnerability in Microsoft Internet Explorer, which users should have patched as long ago as last July. However, there is no guarantee that such attacks won't appear in future, and all PCs will be patched at that time.
Websense, the San Diego-based Web security company, was the first to report such a case two weeks ago, when its customer fell victim to the attack.
Researchers at Symantec also have seen the malicious program used in the ransom attack. Oliver Friedrichs, a senior manager at Symantec Security Response said that attackers could use a website, email, or other means to distribute the Trojan.Pgpcoder and launch a widespread extortion campaign.
When the user visits a malicious website, his unpatched PC gets infected with a Trojan Horse (downloader-aag). This Trojan Horse downloader connects to another website, downloads the encoding application, and runs it.
The malicious encoding program searches for 15 common file types, including images and Microsoft Office files on the computer and encrypts them, and deletes the original files.
Then it creates a file with a ransom note called “Attention!!!”, where demands $200 for a tool needed to decrypt the files.
However, there is a weak spot in the attackers' scheme. It is possible to trace the money and to catch the extortionists when they try to collect the ransom. Maybe, it will prevent this kind of cybercrime from spreading.
Time will show whether we see this Trojan attack again or something similar appears and there will be a real need for a name for such type of Trojans -- how do you like "ransomware"? I have already seen this word used, but let's hope for the best.
Anyway, it is always wise of users to keep anti-virus and security software up-to-date and back up data. Just to be on the safe side.
Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various solutions for information security.
Learn more -- visit the company's websitehttp://www.anti-keyloggers.com
Should iPhone users use security keys and Advanced Data Protection? The Washington Post
CISA establishes new office to ‘operationalize’ supply chain security Federal News Network
School where boy shot teacher reopens with added security The Associated Press - en Español
Security Is Key to Maximizing Cloud Adoption Success in Healthcare HealthITSecurity
Guardz emerges from stealth with $10M for SMB security and cyber insurance to protect against attack-as-a-service breaches - TechCrunch
Guardz emerges from stealth with $10M for SMB security and cyber insurance to protect against attack-as-a-service breaches TechCrunch
Why Traditional Approaches Don’t Work for API Security Security Boulevard
LA-based Embedded Ventures launches inaugural fund, with focus on national security and space tech - CNBC
LA-based Embedded Ventures launches inaugural fund, with focus on national security and space tech CNBC
Pakistan bombing raises fears over security breach, 100 dead The Associated Press - en Español
2 security guards shot, 1 fatally, at San Bernardino County party KTLA Los Angeles
Nicholas Kathmann named LogicGate Chief Information Security ... Security Magazine
Security officers coming back to East Lansing High School, other ... Lansing State Journal
Data Privacy and the Journey of Smarter Security | Spiceworks News and Insights
How to Set Up Security Keys for Apple ID on Your iPhone The Mac Observer
Smuggler tells U.S. jury he paid off ex-Mexico security chief Los Angeles Times
USENIX Security ’22 – Chen Yan, Zhijian Xu, Zhanyuan Yin, Xiaoyu Ji, Wenyuan Xu – ‘ Rol... - Security Boulevard
USENIX Security ’22 – Chen Yan, Zhijian Xu, Zhanyuan Yin, Xiaoyu Ji, Wenyuan Xu – ‘ Rol... Security Boulevard
National Association of Counties and Election Security Government Technology
Africa and the global LNG crunch: Balancing energy security ... Atlantic Council
Nigeria Security Tracker Weekly Update: January 21-27 Council on Foreign Relations
Case May Impact Role of Lawyers in Data Breaches and IR Security Boulevard
IRS Income-Tax Investigations Threaten Taxpayer Security National Review
U.S. military poised to secure new access to key Philippine bases The Washington Post
$1M of funding announced for protection of non-profits PAHomePage.com
Column: Ukraine's fight benefits U.S. national security. The House GOP is on the wrong side - Yahoo News
Column: Ukraine's fight benefits U.S. national security. The House GOP is on the wrong side Yahoo News
The Top SaaS Security Risks and Concerns to be Aware of Security Boulevard
AITX and Robotic Assistance Devices Announces Price Changes for Some Security Robots - Yahoo Finance
Russian APT groups continue attacks with wipers and ransomware Security Magazine
Google’s open source team layoffs: Your software supply chain security is at risk - Security Boulevard
Google’s open source team layoffs: Your software supply chain security is at risk Security Boulevard
Fort Worth Zoo increases security in wake of animal disappearances, death in Dallas - Fort Worth Star-Telegram
Fort Worth Zoo increases security in wake of animal disappearances, death in Dallas Fort Worth Star-Telegram
Abbas assures US security ties with Israel only partially cut, can be restored - The Times of Israel
Abbas assures US security ties with Israel only partially cut, can be restored The Times of Israel
Homeland Security issues warning about rise in sextortion cases UpNorthLive.com
Unlawful Southwest Border Crossings Plummet Under New Border ... Homeland Security
Nuclear security alert after botched attempt to fix Trident submarine with super glue... - The US Sun
Is the UK the Security Leader Europe Needs? The National Interest Online
The Definitive Browser Security Checklist The Hacker News
New safety protocols for Northeastern's Oakland campus Security Magazine
How Schools Have Boosted Security as Shootings Become More Common The New York Times
More Than $3 Billion in Additional Security Assistance for Ukraine Department of Defense
DHS Continues to Prepare for End of Title 42; Announces New ... Homeland Security
At Marine Raiders' homicide trial, questions center on security video Marine Corps Times
Musk's Twitter still violates FTC security pact, new whistleblower says The Washington Post
Remarks by President Biden on Border Security and Enforcement The White House
Identity Thieves Bypassed Experian Security to View Credit Reports ... Krebs on Security
Microsoft ends Windows 7 extended security updates on Tuesday BleepingComputer
Remarks by Ambassador Linda Thomas-Greenfield at a UN Security ... - United States Mission to the United Nations
Remarks by Ambassador Linda Thomas-Greenfield at a UN Security ... United States Mission to the United Nations
Burning Bridges is Bad, But Firewalls are Good
When you signed up for that ultra-fast DSL or Cable connection there was probably one very important piece of information that your ISP failed to mention. By accessing the Internet via a high-speed connection, you have tremendously increased your chances of being victimized by a computer hacker.
Is the Internet Insecure Because of You?
Long gone are the days that we could feel secure and know for certain that we had privacy. With the digital age upon us we can no longer be so sure that our privacy is secure.
Preventing Online Identity Theft
Identity theft is one of the most common criminal acts in society today. Criminals will use your personal information such as banking accounts and passwords, to pretend that they are you.
How to Protect Yourself Against Online Criminals
Credit card fraud is a growing problem for online businesses and can hurt your business in many ways.Fraudulent credit card transactions are costing e-commerce businesses many millions of dollars annually.
Eliminate Adware and Spyware
Everyone should eliminate spyware and adware from your hard drive for your computer privacy protection. Spyware and adware programs also slow down the speed of your computer by cluttering your hard drive with annoying programs.
Crack The Code - Thats A Direct Challenge
I Challenge You To Crack The Code-------------------------------------I had quite an interesting experience recently. I was hired by a company to perform a vulnerability assessment and penetration test on their network.
What is Spyware?
The most frustrating part of having Spyware on your computer is the sheer feeling of helplessness that is invoked. Your computer slows down, it no longer does what you instructed it to, it seems to have a mind of its own.
Mail Forwarding - Why Would You Do It?
First of all we need to get some terms stated. I have been in the business for just over two years and there is still some confusion over the topic.
How To Prevent Spyware Attacking Your Computer
Spyware is software or hardware installed on a computerwithout a user's knowledge. It gathers information andreports it back to its source.
A Basic Introduction To Spyware
Spyware is the most troublesome software to appear on theInternet in recent times. When spyware infects a computersystem, it may be relatively harmless or it may bedevastating.
Are They Watching You Online?
When surfing the Internet you probably take your anonymityfor granted, most of us do.Tapping phones, listening to confidential conversations,reading others' e-mail messages seems like something thatonly happens in spy movies to "other" people.
Dont Miss Information Because of Misinformation
It has been said that with the wealth of information, freely available, the Internet has the ability to make you smarter, faster, than any other medium on the planet. Of course with an equal amount of mis-information, it also has the ability to make you dumber, faster, than any other medium on the planet.
Internet Scams: Dont be a Victim
As the number of people using the Internet as an integral part of their daily life grows, it is inevitable that the number of Internet Scams will grow. Unfortunately there are many forms of scams but in this article we will look at three of the most prominent.
Phishing-Based Scams: A Couple of New Ones
Phishing in its "classic" variant is relatively well-known. Actually, 43.
Wireless Network Security
Working from home has its advantages, including no commute, a more flexible work schedule and fresh coffee and home-cooked meals whenever you want.But working from home while using a wireless local area network (WLAN) may lead to theft of sensitive information and hacker or virus infiltration unless proper measures are taken.
How to Thwart the Barbarian Spyware!
Today,on most internet user's computers, we have theability to employ software, along with ourintelligence, to prevent viruses and spyware.To put this article into proper perspective, we'll useMedieval defense tactics.
Reporting Internet Scams
When it comes to reporting Internet scams most of us either don't have a clue who to contact or just ignore them in our email. But according to an FBI report in December 2004, nearly ten million people last year didn't ignore them and fell for the latest Internet scams.
Arming Yourself Against Spyware
While clicking from site to site on the internet you are likely to land yourself on a website that downloads spyware onto your computer system. Even while using familiar or unlikely and secure web site you run the risk of being infected with unwanted spyware.
How to Manage Your Username and Password The Easy and Secure Way
Have been an Internet user for more than 9 years, I have 100's of logins and passwords to keep. I'm paranoid.
The Truth About Hiding Your Tracks on the Internet
Ok, ok, I know you've seen them. All those pop up windows claiming that "You're being watched!" or banner ads saying "Your computer is under surveillance!" And all you need to do is buy their product and your computer's visbility will disappear from the Internet.
|home | site map|