Not the most brilliant crime ever invented, but definitely something that could cause you a headache.
FoxNews.com wrote:WASHINGTON — Computer users already anxious about viruses and identity theft have new reason to worry: Hackers have found a way to lock up the electronic documents on your computer and then demand $200 over the Internet to get them back.
Security researchers at San Diego-based Websense Inc. (search) uncovered the unusual extortion plot when a corporate customer they would not identify fell victim to the infection, which encrypted files that included documents, photographs and spreadsheets.
A ransom note left behind included an e-mail address, and the attacker using the address later demanded $200 for the digital keys to unlock the files.
"This is equivalent to someone coming into your home, putting your valuables in a safe and not telling you the combination," said Oliver Friedrichs, a security manager for Symantec Corp (search).
The FBI (search) said the scheme, which appears isolated, was unlike other Internet extortion crimes. Leading security and antivirus firms this week were updating protective software for companies and consumers to guard against this type of attack, which experts dubbed "ransom-ware."
"This seems fully malicious," said Joe Stewart, a researcher at Chicago-based Lurqh Corp. who studied the attack software. Stewart managed to unlock the infected computer files without paying the extortion, but he worries that improved versions might be more difficult to overcome. Internet attacks commonly become more effective as they evolve over time as hackers learn to avoid the mistakes of earlier infections.
"You would have to pay the guy, or law enforcement would have to get his key to unencrypt the files," Stewart said.
The latest danger adds to the risks facing beleaguered Internet users, who must increasingly deal with categories of threats that include spyware, viruses, worms, phishing e-mail fraud and denial of service attacks.
In the recent case, computer users could be infected by viewing a vandalized Web site with vulnerable Internet browser software. The infection locked up at least 15 types of data files and left behind a note with instructions to send e-mail to a particular address to purchase unlocking keys. In an e-mail reply, the hacker demanded $200 be wired to an Internet banking account. "I send programm to your email," the hacker wrote.
There was no reply to e-mails sent to that address Monday by The Associated Press.
FBI spokesman Paul Bresson said more familiar Internet extortion schemes involve hackers demanding tens of thousands of dollars and threatening to attack commercial Web sites, interfering with sales or stealing customer data.
Experts said there were no widespread reports the new threat was spreading, and the Web site was already shut down where the infection originally spread. They also said the hacker's demand for payment might be his weakness, since bank transactions can be traced easily.
"The problem is getting away with it — you've got to send the money somewhere," Stewart said. "If it involves some sort of monetary transaction, it's far easier to trace than an e-mail account."
apparently people have never heard of backing up their important files or reformating. go ahead take whatever you want. ill just 0 the drive and reinstall. then use my backups and put whatever was importnt back on. (course i realize most common computer users would have no clue how to do this but still. ) i really dont know how this could be profitable at all really. its more of a hassle than anything. also the reason i advocate firewalls hardware based or otherwise.
Not too worried about it though. Seems to be plenty of holes in it.
Yes doctor, I am sick. Sick of those who are spineless. Sick of those who feel self-entitled. Sick of those who are hypocrites. Yes doctor, an army is forming. Yes doctor, there will be a war. Yes doctor, there will be blood.....
I can't believe this hasn't been tried before. Like Mad said though, there are still enough holes in the scheme for me to not be overly worried for now. It seems like they'd want to be targeting larger coorporations with larger assets anyway.
1. Contact FBI.
2. With their guidance, give money
3. They get basically all the info they need from the digital transaction, Eurotrash techno listening queer gets busted. God I hate everything about Europe. People, music, everything.
Oh, and FIREWALL'D!!!!