Kidnapping for ransom is a typical plot in Hong Kong-style drama serials. The following malware is a very innovative scam that does a pseudo “kidnapping” of your PC’s data. Although the data is not physically removed or taken away, victims will be unable to access the information until the “ransom” is paid. However, the scam is so nicely disguised that victims may not even realize that they have been conned. Do read on:
Data-for-ransom Syndicates Strike Online
by Jonathan Leopando (Technical Communications)
How much is your data worth? A great deal, perhaps, for most of us. Naturally, cybercriminals keep coming up with new ways to exploit this. The new attack? Taking a page out of offline criminal syndicates, now your data is being held for ransom–literally.
This latest bit of malware, detected by Trend Micro as TROJ_FAKEALE.BG, is yet another variant of the notorious fake antivirus malware that has been the rage in recent months. It arrives as a utility that claims to have found corrupted files on the affected system. To recover the files, you need to download the paid version of the program–which will then proceed to recover the said files.
The Trojan uses the following interface:

Figure 1. TROJ_FAKEALE.BG interface.
In reality, however, it was the malware itself that encrypted the corrupted files. In this case, everything in the user’s My Documents folder is encrypted, thus preventing users from accessing the folder’s contents. The paid version of the program fixes the problem that this malware created, but only after the user has been forced to part with his money - a whopping $50.
The Trend Micro Smart Protection Network already detects this malicious software and provides solutions for cleanup and removal.
