01 June 2006

Ransomware: An Extortion Virus

David Derbyshire, the consumer affairs editor at The Daily Telegraph of London, reports on an insidious new threat lurking in cyberspace ...

A new virus that seizes control of personal computer files and demands ransom money from the owner has been unleashed on the internet.

Victims of a "ransomware" attack are unable to get access to their hard drives unless they pay off the hackers.

In some versions of the fraud, computer users are told to buy drugs from an online chemist in exchange for a password that will free their files.

In others, they are instructed to transfer money to an overseas bank account to prevent the program wiping the files.

Although the virus can be blocked by up-to-date anti-virus software, there are concerns that many computers are unprotected.

The fraud emerged in America last year and has now appeared in Britain. One of its first victims was Helen Barrow, a 40-year-old nurse from Littleborough, near Rochdale.

She was distraught when she discovered that her computer files had been replaced by a folder protected with a 30-digit password.

She also discovered a new file on her computer desktop named "Instructions How to Get Your Files Back." It told her she would be given the password to access her files if she bought drugs from an online pharmacy.

Mrs Barrow, who works as a senior sister at Rochdale Infirmary, said: "When I realised what had happened, I just felt sick to the core. I was in shock. It was a horrible feeling and I thought I was going to lose all of my work.

"I had lots of family photographs and personal letters on the computer and to think that other people could have been looking at them was awful."

Her computer became infected when she opened an e-mail attachment that claimed to be an anti-virus program. The virus that attacked her computer is known as Archiveus.

Mrs Barrow, a mother of two, contacted police and a computer expert who recovered some of the files, which included course work for her nursing degree.

Earlier versions of the ransomware program instructed victims to pay the ransom through online websites such as eGold or Webmoney. Others demand payments to overseas accounts.

Greg Day, a security expert with McAfee, said: "Sadly we are seeing more of this type of attack in recent months. It is a trend that started off in the business community and has now extended more into the consumer space."

"If people are effectively to protect against these kind of attacks, we would recommend they get good anti-virus software, have a firewall that controls what information people can access on your computer, and keep up to date with the security patches.

"If people find themselves being blackmailed like this they should contact their local police force.

"They should also contact their software security vendor who might be able to help them recover their work."

0 Comments:

Post a Comment

<< Home