The Inquirer-Home

Ransom Trojan takes PC files hostage using unbreakable encryption

Your money or your files blow up
Tue Apr 12 2011, 13:16

THE LATEST ransom Trojan malware uses 'unbreakable' forms of public key encryption to take your computer files hostage and extort money as ransom for them.

Ransom Trojans on your computer encrypt your files and ask for payment in different ways, sometimes with an overt threat to destroy the files if money isn't paid. In the past, the files could generally be decrypted without people having to pay the ransom.

But Mikko Hypponen, chief security researcher at F-Secure, warned about the latest version of a ransom Trojan called GPcode. It uses public key encryption in the form of AES with an RSA key to lock the files on your computer. And instead of telling you to wire transfer money, it tells you to use prepaid credit cards, transferring the money that way.

He said, "We aren't aware of any mechanism of breaking that. If you have backups it's no problem. The next solution is to pay. And we know of people to have paid to get the key and information back."

Hypponen also spoke of another ransom Trojan that gives you an error message before Windows starts, saying it is locked, with a blue installation screen that gives you the impression that it is the work of Microsoft.

It says that activation is free and gives you the choice of doing it by Internet or by a phone call. Of course, you won't be given the option of an Internet activation on the next screen as it's "unavailable".

The phone numbers you are given claim to be international Microsoft installation numbers, but the author of the Trojan will make money from it by routing these expensive calls to cheaper countries, a technique called short stopping. µ

Comments
an idea guys

We have a few choices here: either A: start building computers with the OS flashed to flash memory on board so that the OS can't be accessed or compromised by an outside source, or B: work on a "reactive firewall". What I mean by that is build a firewall that can detect attacks (which we already have) and react to the incoming and unwanted packets of data as if it was intending on and anticipating the upcoming attack. Now I know that attacks change and take many forms and that there isn't a lot that we can do about unintentional user error, for instance someone downloading a program that was infected with a new or dormant infection. The best place for something like a reactive firewall would be on your NIC, before it has the chance to reach your hard drive that has all your information on it. Just some thoughts, ladies and gentlemen. As an amateur and novice programmer I'm almost certain that this can be done as a stand-alone component.

posted by : james, 16 July 2011

how come..

What I never understood was how scareware and ransomware products could process payment, whether by credit card, pre-paid card, or premium rate telephone numbers, without any intervention from law enforcement agencies, yet WikiLeaks had all the supports criminalised within days.

Malware's source can be hard to trace, but as soon as there's a payment route to trace it becomes a whole lot easier.

Law enforcement agencies, get on and do your jobs!

posted by : sheppo, 13 April 2011

EXCELLENT!

HOW PERFECTLY UNCIVILIZED!
WE HAD A GUY AT WORK CATCH A COMPUTER VIRUS AFTER WORKING ONLY 1 WEEK, THIS IS EXACTLY WHAT WE NEED ATTACKING THE NETWORK SERVER. EVEN BETTER IF IT CAN AUTOMATICALLY DESTROY THE TAPE BACKUPS.

posted by : SHOUTER, 12 April 2011