Demanding a ridiculous sum of money for your data is something Microsoft is used to. They plainly overcharge you if you don't update your Operating System after they kill the support for old ones. See what happened to Windows NT back in 2004/2005.
In the equivalent of a holdup in cyberspace, a new computer bug locks up a user's file with encryption and demands a $300 "ransom", security experts say.
The so-called "ransomware" Trojan was discovered on Saturday by the security firm LURHQ, which said it was based on a similar scheme perpetrated 15 years ago.
The Troj/Zippo-A Trojan horse (also known as CryZip) searches for files on innocent users's computers such as Word documents, databases and spreadsheets, and moves them into password-encrypted ZIP files. It then creates another file informing the affected user on how they need to pay $300 to an E-Gold account to recover their data.
In poorly written English, the message said: "Do not try to search for a program what encrypted your information — it simply do not exists in your hard disk anymore. If you really care about documents and information in encrypted files, you can pay using electronic currency $300. Reporting to police about a case will not help you."
The Trojan "is bold as brass, scooping up your valuable data and locking it away until you agree to pay the ransom to the criminals who have 'kidnapped' your files", said Graham Cluley, senior technology consultant for the security firm Sophos.
However Sophos and LURHQ discovered the password — C:\Program Files\Microsoft Visual Studio\VC98 — a code disguised as a file.
"So there should be no need for anyone unfortunate enough to have suffered from this ransomware attack to have to pay the reward to the criminals behind it," Cluley said.
Comment Preview