Earlier this week, the researchers at SophosLabs examined a new strain of ransomware that had been discovered in the wild.
The malware encrypts files on the victim’s computer – and demands that a ransom is paid for the safe return of their contents.
Users whose computers are hit by the malware are told to respond with a unique ID number to a Gmail or Live webmail address for the password that will unlock their data.
You can imagine how disturbing this could be to a computer user who did not have a reliable recent backup of their important documents, spreadsheets and databases.
What makes things even more menacing is that the cybercriminals don’t rely purely upon the loss of data access to be an incentive to pay the ransom of 3000 Euros. They also threaten to contact the police with a “special password” that will reveal spamming software and “child pornography” files.
Your files has been descryptes using 256-bit Advanced Encryption Standart. To decrypt your files send us email with your ID to our special email: [REDACTED] or [REDACTED]
Because your computer has been hacked or someone spamming from your computer. You must pay a penalty within 96 hours otherwise we will send report to the Police with special password to decrypt some files wich contains spam software and child pornography files. (this special password is only for this files, not for all your files. Password for all your files we will send you only after payment). If first 48 hours will be ended you must pay 3000 Euro.
Enter password for the encrypted file: ______________
There may be nothing in the hackers’ threat of contacting the police and making accusations of child abuse material on your computer, but you can just imagine how petrified many people might be by seeing such a message.
The threat may be worded in broken English, but the vulnerable – without reliable backups – might feel tempted to pay up the ransom rather than run into possible trouble with the authorities.
Of course, we don’t recommend paying money to ransomware extortionists. There’s nothing to say that they won’t simply raise their ransom demands even higher once they discover you are prepared to pay up.
As always, keep your security patches and anti-virus solutions updated, your wits about you, and ensure that your backups are current and working.Follow @gcluley
Laptop with pistol image, courtesy of Shutterstock.