Monday, 29 May 2006 20:42

Ransomware emerging as threat to online home users

The internet world has recently been encountering more and more malware attacks attempting to blackmail home users for profit, according to an internet security specialist.

According to internet security firm Trend Micro, a new type of malware threat called ‘ransomware’ is a continuation of ‘phishing’ and is slowly becoming a greater threat to home computers.

Ransomware traps home users in schemes originally meant for large corporations. This change of targets has gradually altered the threat landscape; these internet extorters have realised that although targeting ‘big fish’ can result in large profit, targeting home users or small businesses presents a much smaller risk of being caught.

The term ‘ransomware’ first appeared in May 2005 with the discovery of TROJ_PGPCODER.A, a Trojan that used malware encryption to blackmail users directly for money. The malware quietly sneaks onto systems and automatically initiates blackmailing by encrypting certain files; unless the decoder is obtained and used, the files can no longer be read. The malware also leaves a text file explaining how to decode the files.

This malware was followed by three variants in October, TROJ_CRYZIP.A in March of this year, and the two newest members of the ransomware family: TROJ_RANSOM.A, which causes a message to pop up on infected systems saying that the computer is locked and may only be unlocked when the affected user pays the Trojan's author, and TROJ_ARHIVEUS.A, which blackmailed the user into accessing and purchasing products from several pharmaceutical Web sites in order to get the password to unlock the encrypted files.

Before the appearance of ransomware, online blackmail targeted large companies, mostly by BOT worms.

Many companies have received internet blackmail threats over the last several years. These companies sometimes cooperate with the authorities to track down these criminals, an effort that is sometimes successful. For example, a criminal group captured in Russia in 2004 apparently blackmailed several sports gambling companies for hundreds of thousands of US dollars, but in March of 2004, the four were arrested after attempting to blackmail a large broadband company in Japan.

Some companies completely ignore these threats, leading to distributed denial of service attacks on their websites, which create a shocking number of hits that paralyse the site. Other companies agree to pay these ransoms, unwilling to publicise the issue in order to protect the company.



Stan Beer


Stan Beer co-founded iTWire in 2005. With 30 plus years of experience working in IT and Australian technology media, Beer has published articles in most of the IT publications that have mattered, including the AFR, The Australian, SMH, The Age, as well as a multitude of trade publications.