Virus Hold Computer Files 'Hostage' for $200 488
dwayner79 sent in a story about a new virus making the rounds- this one is unique because it locks your files and then demands a $200 ransom to get them back. It seems to me that this might leave some sort of tracable money trail. They don't have much information on any particular transmission mechanism, they just talk about web pages giving it up.
a fix (Score:5, Insightful)
Finally! (Score:4, Insightful)
Maybe when this happens people will actually pay more attention to computer security, instead of just putting up with the inconvenience.
Don't give in to the demands of terrorists (Score:2, Insightful)
interesting attack (Score:5, Insightful)
yet another reason to do regular backups, so you are never solely dependent on your local copies.
Re:a fix (Score:3, Insightful)
"restore backup"
Re:I call hoax (Score:3, Insightful)
"The FBI said the scheme, which appears isolated, was unlike other Internet extortion crimes.
Leading security and anti-virus firms this week were updating protective software for companies and consumers to guard against this type of attack, which experts dubbed "ransom-ware"."
Getting away with it... (Score:5, Insightful)
Re:Finally! (Score:5, Insightful)
Or.... (Score:2, Insightful)
Re:Finally! (Score:5, Insightful)
What will do that is a virus that replaces all .jpg files found with goatse, tubgirl and lemonparty.
So many people have stored their digital camera photos on vulnerable Windows PCs. The only thing that will get them to secure those boxes is the threat that little Sophie's birthday photos, or the last time they went on holiday with Grandma before the illness, might be replaced with hideous porn by some virus...
I send program to your email... Give me Money! (Score:2, Insightful)
"I send program to your email," the hacker wrote.
And only demanding $200.00 from a business? Sounds like one of the following must be true:
a) person is stupid enough to demand only $200.00 for a crime most likely punishable as extortion.
b) person is testing the effectiveness of their program.
c) person is too short sighted to think of either a or b.
This is just pathetic.
Comment removed (Score:2, Insightful)
If a smart crook were behind this ... (Score:4, Insightful)
Of course, this means any honest white knight is going to learn the hard way about 20 feds and a flashlight.
And computer criminals everywhere cringe (Score:5, Insightful)
I mean, is it really that much harder to make a virus that silently installs itself and listens for key strokes, then sends those back to you through a few cracked proxies? And there you go: account numbers and passwords.
Idiots. If they do try to collect on this, they'll be caught, we'll find it's a couple of dumb as fuck kids who thought it'd be cool to "have a couple hundred bucks".
And while I'm on that, 200 bucks? If you are really trying to get money, why not charge 20 bucks? For 200 bucks, most people are likely to seek outside help. For 20 bucks, people are more likely to just fork it over. I'd bet you'd have a greater ROI with the lower charge.
Fill in the blank.... (Score:2, Insightful)
Re:Finally! (Score:4, Insightful)
'course, I've got the sense not to look it up...
Subtlely (?) destructive viruses (Score:5, Insightful)
* alter scheduled appointments in outlook/exchange
* alter contact information in outlook/exchange
* alter information in ms word and ms excel documents
The key to all this is to do it in small doses - change a 3 to a 4, alter appointments by 1 hour, etc, introduce a few wrong spellings into ms word documents, etc.
People have this view that viruses are horribly destructive, and it decreases the estimation of Windows in some. Others stick by Windows, content to use anti-virus stuff because a virus just generally uses up resources indiscriminately or 'steals' data.
If viruses started attacking the integrity of core MS Office products, not 'just' the operating system itself, more damage would be done to MS' hold on corporate america than any attack on the 'operating system' level by viruses.
Put more simply, most people really don't understand the ins and outs of operating systems, nor the potential damage than can be done to them. Everyone can understand the damage that could be done by having your spreadsheets altered without your knowledge.
Well, at least I *think* everyone could understand that.
not my pr0n!!! (Score:2, Insightful)
That'll that forever to redownload and organize...
Where do I send the money?
Re:Retro (Score:2, Insightful)
I think you mean the Pakistani Brain Virus [wikipedia.org].
Software writers, not repair shop. Pakistan, not India. Not the first virus [wikipedia.org]. It was intended to prevent piracy, and wasn't at all intended to be a "ransom."
That's the short version of the story [brain.net.pk]. "Welcome to the Dungeon. Beware of the VIRUS." ;-)
web services, baby! (Score:3, Insightful)
Gender Descrimination? (Score:2, Insightful)
Anakin: "Padme, you're pregnant. I'm afraid-for the good of the baby-you can't go lightsaber dueling or starfigher riding. You can resume such activities when they are safe for you again, mmkay?"
Padme: "Okay. I don't want to lose my child, so I'll sit down for this particular strech of 9 months. It's not like I wasn't involved in lots of gunfights before this, so I think I can deal."
God, some people just try too hard. Your stupid little digression about "sie" and "hir" is almost longer than your entire point.
Re:interesting attack (Score:3, Insightful)
Re:They and Their (Score:2, Insightful)
Re:Subtlely (?) destructive viruses (Score:3, Insightful)
Deleting a file will cause staff to notice, and after the virus is removed, the file will be restored.
Changing a few random values in a spreadsheet will likely not be noticed as quickly, and when it is, there may not be any way to work out which daily backup to restore from.
Then there's the effect.
Deleting a file causes irritation, but has no lasting effect.
Altering the file subtly will potentially damage a forecast, change the meaning of data or cause an employee to be held in lower regard.
I've sometimes wondered why virus writers seem little more than children, preferring to see their name writ large than actually do anything malicious. I've come to think it's human nature not to cause damage just for the hell of it.
I've been waiting for really damaging viruses to appear. This one won't herald the start of them - people will just purge the virus and then restore from backups.
Re:Finally! (Score:5, Insightful)
Re:Finally! (Score:3, Insightful)
Re:laundering the money (Score:5, Insightful)
At home, I don't have the problem; since more honorable vendors that distribute their software via apt-get don't run these kinds of protection rackets.
Re:It won't get a penny from me... (Score:3, Insightful)
Remember the RC5 challenge? It took 1757 days worth of massive collaboration effort to break a 64 bit key, showing that 64 bits RC5 is not enough for data that is still sensitive after several years.
Now they are trying to break a 72 bit version of the same algorithm. It should take 2^8=256 times more computational effort or over 1000 years with current processing power.
Processing power increases, but you can imagine that something encrypted with a public key algorithm that requires as much effort as 80 bit RC5, could be impossible to break in the time-frame where the data is still valuable, even with a combined world-wide effort.
Money Agents (Score:3, Insightful)
Seems like a great way of breaking the money trail and it only costs 10%!
Crooks are pretty inventive.
Re:a fix (Score:2, Insightful)
Such a virus is the best marketing they can have
Re:Ransom (Score:2, Insightful)
Re:Money Agents (Score:3, Insightful)