Security company Sophos warned users yesterday about a new “ransomware” Trojan that demands a payment of $10.99 to stop deleting files on infected systems.
The Trojan Ransom.a, once successfully infiltrated, will lock down the infected system and display a message stating that it will delete files every 30 minutes until the user agrees to pay $10.99 to an account via Western Union money transfer.
The message from this Trojan claims that antivirus software or malware removal tools are completely unable to recover the deleted files, and the Ctrl-Alt-Del command is entirely disabled in this situation. This Trojan activates automatically whenever Windows is started.
Whenever the user presses the Ctrl-Alt-Del key combination, this Trojan pops up another message stating: “Yeah, We don’t die, We multiply! Ctrl+Alt+Del isn’t quite working today, is it? I’m not the sharpest tool in the shed but Ctrl+Alt+Del is everyone’s S.O.S.” (“Yeah, we can’t die, we self-replicate! Ctrl+Alt+Del has been disabled. Ctrl+Alt+Del isn’t the best tool, but it remains a lifeline for everyone.”)
Known as “ransomware” because it threatens to destroy or lock data, forcing users to pay to “free” it. However, this is only the second Trojan of this type discovered in the past five weeks.
In mid-March, a Trojan named “Cryzip” and “Zippo.a” demanded $300 from users to regain access to passwords for encrypted compressed files. However, security companies quickly found a way to recover these passwords.
HVD
