|09 Jul 2009||#1|
Trend Micro discovers new ransomware
According to Trend Micro security researchers, they have detected a new ransomware that proliferates through an e-mail on the internet. Trend
Micro have called the malware WORM_RANSOM.FD that seems as a mass mailing computer worm, but a detailed analysis of it has revealed that it contains a deadly payload. It has been discovered that
WORM_RANSOM.FD downloads from remote websites when visitors access those sites or it may download secretly by other malware on the targeted system. While the deadly payload does not affect some files with
extensions such as .dry, .rwg, .vxd, .dll, .inl and .exe, the malware is
capable of encrypting all files stored in the targeted computers using Blowfish algorithm. Hence, the malware makes the files useless. Moreover, the worm makes a registry entry (ies) that allows it to do automatic execution whenever the system startup. Interestingly, the new ransomware WORM_RANSOM.FD does not follow the function of a typical
ransomware which demands money for restoring encrypted files. Instead it gives a user three options to choose from to restore the affected files.
|My System Specs|
|10 Jul 2009||#2|
Among the three options, first tells the affected user to consult a reputed antivirus company that may help him to decrypt the files. The second suggestion says to the user that he could send an e-mail at email@example.com for a decryptor application to restore the affected files, while the third option includes recommendation of migrating from Windows Operating System (OS) to Linux to overcome the attack.
Besides, it has been found that the ransomware WORM_RANSOM.FD alters the filenames after encryption by adding .RWG extension. For example - if the name of an original file is DOCUMENT.TXT, then after encryption its name changes to DOCUMENT.TXT.RWG.
Security experts at Trend Micro have rated the ransonware as high-risk/moderate reward business model. This is primarily because it violates one of the main features many cyber criminals are using to develop malware. In addition, the payload could be easily seen and users are told that their files are made hostage.
With cyber criminals giving
Probably a Linux Fanboy created this virus. Note how they asked to switch to Linux. Why would they want to do that?
|My System Specs|
|Similar help and support threads for2: Trend Micro discovers new ransomware|
|Cannot remove Trend Micro||System Security|
|McAfee or Trend Micro||System Security|
|How to installed kaspersky and trend micro in one PC||Installation & Setup|
|Has anyone used Trend Micro Titanium?||System Security|
|Trend Micro - New DELL Laptop||System Security|
|VMware server, Trend Micro||Virtualization|
|Trend Micro||System Security|
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
All times are GMT -5. The time now is 10:11 AM.