Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Trend Micro discovers new ransomware

09 Jul 2009   #1

Windows 7 Pro & Vista Home Premium
Trend Micro discovers new ransomware

According to Trend Micro security researchers, they have detected a new ransomware that proliferates through an e-mail on the internet. Trend
Micro have called the malware WORM_RANSOM.FD that seems as a mass mailing computer worm, but a detailed analysis of it has revealed that it contains a deadly payload. It has been discovered that
WORM_RANSOM.FD downloads from remote websites when visitors access those sites or it may download secretly by other malware on the targeted system. While the deadly payload does not affect some files with
extensions such as .dry, .rwg, .vxd, .dll, .inl and .exe, the malware is
capable of encrypting all files stored in the targeted computers using Blowfish algorithm. Hence, the malware makes the files useless. Moreover, the worm makes a registry entry (ies) that allows it to do automatic execution whenever the system startup. Interestingly, the new ransomware WORM_RANSOM.FD does not follow the function of a typical
ransomware which demands money for restoring encrypted files. Instead it gives a user three options to choose from to restore the affected files.


My System SpecsSystem Spec
10 Jul 2009   #2

Windows 7

Among the three options, first tells the affected user to consult a reputed antivirus company that may help him to decrypt the files. The second suggestion says to the user that he could send an e-mail at for a decryptor application to restore the affected files, while the third option includes recommendation of migrating from Windows Operating System (OS) to Linux to overcome the attack.
Besides, it has been found that the ransomware WORM_RANSOM.FD alters the filenames after encryption by adding .RWG extension. For example - if the name of an original file is DOCUMENT.TXT, then after encryption its name changes to DOCUMENT.TXT.RWG.
Security experts at Trend Micro have rated the ransonware as high-risk/moderate reward business model. This is primarily because it violates one of the main features many cyber criminals are using to develop malware. In addition, the payload could be easily seen and users are told that their files are made hostage.
With cyber criminals giving
Thanks for the information.

Probably a Linux Fanboy created this virus. Note how they asked to switch to Linux. Why would they want to do that?
My System SpecsSystem Spec
11 Jul 2009   #3

Windows 7 Pro & Vista Home Premium


I particularly like that 3rd option
My System SpecsSystem Spec

 Trend Micro discovers new ransomware

Thread Tools

Similar help and support threads for2: Trend Micro discovers new ransomware
Thread Forum
Solved Cannot remove Trend Micro System Security
Solved McAfee or Trend Micro System Security
How to installed kaspersky and trend micro in one PC Installation & Setup
Has anyone used Trend Micro Titanium? System Security
Trend Micro - New DELL Laptop System Security
VMware server, Trend Micro Virtualization
Trend Micro System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 10:11 AM.
Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App