Latest Internet attack holds computer files hostage

[David Farber <dave () farber net>]

Begin forwarded message:

From: GLIGOR1 () aol com
Date: May 24, 2005 10:02:13 AM EDT
To: dave () farber net
Subject: For IP: Latest Internet attack holds computer files hostage


Latest Internet attack holds computer files hostage
Tuesday, May 24, 2005 Updated at 6:24 AM EDT

Associated Press

Washington — Computer users already anxious about viruses and  
identity theft have new reason to worry: Hackers have found a way to  
lock up electronic documents and then demand money to get them back.

Security researchers at San Diego-based Websense Inc. uncovered the  
unusual extortion plot when a corporate customer they would not  
identify fell victim to the infection, which encrypted files that  
included documents, photographs and spreadsheets.

A ransom note left behind included an e-mail address, and the  
attacker later demanded $200 (U.S.) for the digital keys to unlock  
the files.

“This is equivalent to someone coming into your home, putting your  
valuables in a safe and not telling you the combination,” said Oliver  
Friedrichs, a security manager for Symantec Corp.


The FBI said the scheme, which appears isolated, was unlike other  
Internet extortion crimes. Leading security and antivirus firms this  
week were updating protective software for companies and consumers to  
guard against this type of attack, which experts dubbed “ransom-ware.”

“This seems fully malicious,” said Joe Stewart, a researcher at  
Chicago-based Lurhq Corp. who studied the attack software.

Mr. Stewart managed to unlock the infected computer files without  
paying the extortion, but he worries that improved versions might be  
more difficult to overcome.

Internet attacks commonly become more effective as they evolve over  
time as hackers learn to avoid the mistakes of earlier infections.

“You would have to pay the guy, or law enforcement would have to get  
his key to unencrypt the files,” Mr. Stewart said.

The latest danger adds to the risks facing beleaguered Internet  
users, who must increasingly deal with categories of threats that  
include spyware, viruses, worms, phishing e-mail fraud and denial of  
service attacks.

FBI spokesman Paul Bresson said more familiar Internet extortion  
schemes involve hackers demanding tens of thousands of dollars and  
threatening to attack commercial websites, interfering with sales or  
stealing customer data.

Experts said there were no widespread reports the new threat was  
spreading, and the website was already shut down where the infection  
originally spread. They also said the hacker's demand for payment  
might be his weakness, since bank transactions can be traced easily.

“The problem is getting away with it -- you've got to send the money  
somewhere,” Mr. Stewart said. “If it involves some sort of monetary  
transaction, it's far easier to trace than an e-mail account.”



-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/