Last week, threat researchers at security vendor Trend Micro discovered a new ransomware sample making the rounds. The TROJ_ARHIVEUS.A trojan offers a twist in that the writer takes an indirect approach, forcing the victim to patronise a specific online pharmacy if the victim wants to get de-bugged.
According to Adam Biviano, premium services manager at Trend Micro
Australia and New Zealand, this tactic may be the sign of things to
come. “Like any malware, this trojan is just another point in the
overall threat landscape”, says Biviano. “But with the culmination of
phishing, spyware, and spam, in addition to the ‘ransom note’, it seems
to follow the larger emerging trend we’ve seen over the past year,
whereby many different types of threats are employed simultaneously.”
Biviano adds that as the security industry continues to make gains
against spam – the method by which most online pharmacies reach their
target audience – these illegitimate businesses will naturally try to
find new ways to make money.
TROJ_ARHIVEUS.A works by accessing the files in the user's ‘My
Documents’ folder, bringing together the contents into one encrypted
file, ‘EncryptedFiles.als’, then deleting the originals. It also drops
two new files on the user’s system, which are necessary to restore the
original content.
The so-called ‘ransom note’ begins by warning the user not to bother
calling police or taking any other defensive action, lest their files
be rendered unrecoverable. And like most such messages, the tone is
harsh and controlling throughout the bulk of the text. But what makes
TROJ_ARHIVEUS.A unique is the dramatic shift at the end. The tone
suddenly becomes positive and upbeat, with “WE DO NOT ASK YOU FOR ANY
MONEY! We only want to do business with you. You can even EARN extra
money with us.”
“Regardless of the tone, extortion is still extortion”, adds Biviano,
commenting on the note’s message that making a purchase with the online
pharmacy is the ‘only way’ to restore one’s files. “Whether through the
forced purchase of a product, or by just sending money directly, the
writer is still forcing people to pay to regain what is theirs.”
Trend Micro advises users to ignore the message within this malware,
and contact their security vendor for the safe removal of this trojan,
as well as the recovery of the user’s files. According to Biviano, many
of the ransom note’s claims simply are not true. “Through a bit of
reverse engineering, we can determine the password ourselves”, said
Biviano. “Despite this writer’s claim that the encryption program is no
longer on your hard drive, it is – it has to be, since it is necessary
to extract the files.”
David Bass