April 28, 2006 5:21 PM PDT

Trojan horse: Your money or your files

In another example of "ransomware," a new Trojan horse threatens to delete files unless the victim pays up, security experts have warned.

When activated, the Trojan horse, dubbed Ransom-A by antivirus company Sophos, displays some explicit images. It then shows an expletive message that demands a $10.99 payment, or it will delete one file every 30 minutes, security experts at SophosLabs said in a statement published Friday.

"This Trojan horse is designed to take your data hostage and tries to scare users into paying up quickly by threatening to wipe files one-by-one," Graham Cluley, senior technology consultant at Sophos, said in the statement.

The Trojan asks for payment via the Western Union money transfer service and promises delivery of a special disarming code after the ransom is paid, Sophos said.

This is the second example of malicious software that seeks to extort money in as many months. In March, a Trojan horse that encrypts victims' files and demands a $300 payment to have them decrypted and unlocked made the rounds. A similar attack was spotted in May of last year.

"Our concern is that this may be the beginning of a growing trend of malware designed to extort money," Cluley said.

Sophos recommends that people make backups of their data and run updated security software for protection against pests such as these ransom-demanding Trojans. As a general rule, Internet users should be cautious when opening e-mail attachments and surfing untrusted Web sites.

16 comments

What is Western Union doing?
I am surprised that the author of this story did not contact Western Union to find out if they will prevent the money from getting to the criminals in this case and what they are doing to prevent this sort of thing from happening in the future.
Posted by grangerfx (41 comments )
How would they know?
Unless the person sending the money told the local Western Union associated vendor what the cash was for, how would they know? It's not like the victim is gonna' tell everyone about the ransom - most extortion victims, fearing retribution, don't tell anyone; even the police. But, if they do tell police then Western Union should be cooperating with the law by revealing their records of the transaction.
Posted by GEBERWEIN (75 comments )
Easy to avoid this nonsense
1. Do not use Windows, problem solved
a. If you must use Windows, don't be stupid. Do all the things that Windows users must do to be sort of secure, run lots of third party security apps, don't use IE, etc.
b. If you are stupid, keep everything backed up and wipe your disk and reinstall Windows when you "mistakenly" download a trojan.
c. Rinse and repeat
Posted by Bill Dautrive (1179 comments )
Why Stop There
Don't use a computer and you will have nothing to worry about. Idiotic *nix evangelists are always quick to point out that Windows is unsecure. Guess what, chuckles, the average user doesn't want to put the time into learning the ins and outs of *nix, so they are stuck with something easier to learn, like Windows or Macs, and most of them are incapable of writing their own software, so they are stuck with commercially available software that is easy to install. That leaves out *nix and Macs both because of available variety and (dis)ease of installation. Until that changes the average user will use Windows. Get used to it!
Posted by PzkwVIb (462 comments )
Educate the less knowledgeable, not bash them with your superiority complex
Let me see: do you build your own house? Do you fix your own car? Do you grow your own food? Do you tailor your own clothes? Do you record your own entertainment? Do you ... ? Of course not. Not very many of us can afford to be knowledgeable in more than a few areas. So, for the vast majority of people out there, computer technology is an area that they are not knowledgeable in, so blaming them for being "stupid", for doing something they should know better than, is both non-constructive and arrogant. It's unfortunate that while Windows is easier to use than Unix (and flavors), it is also inherently less secure. What we should do is educate these people to be more knowledgeable instead of bashing their ignorance. I'm sure there are a lot of areas in life where you're ignorant, and how would you like it if people knowledgeable in those fields started calling you stupid?
Posted by thanhvn (51 comments )
can't just change to *nix
The idea that just changing to a *nix based OS and you'll be ok is deeply flawed. Any system has vulnerabilities and as *nix based systems get more popular more vulnerabilities will be found and exploited. Changing to a *nix based OS will make you less vulnerable, but you will still need antivirus and firewall software (and soon enough antispyware will become a necessity).
Posted by kaufmanmoore (42 comments )
Not true
The statement that popularity goes in parallel to attack is simply not true. In the web server business, for example, open source has as much market share as Microsoft. Despite that, you see many more attacks geared toward IIS and more recent Microsoft offerings (and it is closed source!).

The simple truth is that Microsoft is unsecure; deeply, profoundly, from design insecure. And developers forcing the user to run as admin to install and run their software does not help. Mind you, *nix and *nux have their faults, and are not devoid of vulnerabilities, and are certainly less user friendly.

The bottom line is that it is easier to make a trojan for a vulnerably designed closed source OS than for a more strongly secured open source one.
Posted by Aepervius (13 comments )
Soon this will become a fad or maybe it won't.
I like to reference the WWW as the Ultimate Digital Autobahn. No rules, no regulations, only the ability to do whatever you want, when you want, without evident repercussions in any manner.

Wait, even the Autobahn has rules! No wonder why we can drive like a "bat out of hell" and still live to tell about it. There are rules and regulations to driving on the Autobahn even though you can enjoy a cruise in a Lambo at 150.

Maybe Congress should look at the Autobahn and what it represents before making some rash decisions that will decide the fate of the internet as we know it.

How ironic that a bunch of Congressmen think they know enough about technology to do something about it. I bet if I came up with a questionnaire, 20 questions about general technology, that 90% of you on the hill would only score a 6 at best.

With that said, how do you plan on ensuring a Bill that would allow freedom on the Web and punish those that abuse it? Wait, I know how!

You have people like Microsoft, Google, Sun, and Apple breathing down your necks with some green stuff telling you what you want to hear while ensuring that your views are steering a direction to their liking.

Unfortunately for me, I can't afford to be up there in Capitol Hill because if I was, you'd get a clear understanding of the web in its current fashion. From someone that has something to lose when it comes to NET Neutrality as well as ISP snooping.

Until there is some order restored on the Net it will continue to be subject to people like the ones that created this Trojan Horse. I don't foresee it getting better either while those that decide the Net's fate are continually tossed by the Bill Gates of this world.

~Justin
Posted by OneWithTech (196 comments )
Not strictly true...........
The speed limit on the Autobahn is 130kmh. The nice man with blue lights let me know that...........
Posted by CatNet (3 comments )
What about Mac's new virus....
http://www.cnn.com/2006/TECH/04/30/apple.security.ap/index.html
Posted by mrpeabody3119 (101 comments )