Ransomed data: the next IT threat?


Johannesburg, 25 May 2005

PC users are being warned of the latest security threat that could render their computer files inaccessible - unless they pay a ransom.

The new worm, identified as Trojan.pgpcoder by Symantec, utilises social engineering tactics to freeze the victim's computer files once activated, and attempts to extort money from the victim in order for the files to be unfrozen.

This threat is unique, says Symantec Middle East and Africa senior technical engineer Ivor Rankin, as the Trojan searches for a list of common files that it will then encrypt - removing the originals and preventing access to them.

Based on Symantec's research, it appears as though the author is requesting a specified payment in order to decrypt the original files.

"This attack is yet another indicator of the growing trend towards criminals using technology for financial gain. The good news is that this threat is not self-propagating, which limits its ability to spread in the wild."

The worm carries a fairly low threat at present, but security experts are divided on whether this could be the next major trend.

BitDefender Romania technical support engineer Robert Panduru believes such a scam is likely to affect only a few people. "The fact that money needs to be placed into an account makes it much easier for authorities to track them. In my opinion, I don't believe this will pose a serious threat in the future."

However, NOD32 SA CEO Justin Stanford says we will definitely be seeing more of this in the future. "As with all information security issues, it starts off with a trial version that might be a little rough around the edges. The concept is then refined and improved."

Stanford agrees there are still too many holes in the concept at present, meaning it will not be a massive threat any time soon.

"Although it represents another new and ingenious way of invading the privacy of unsuspecting end-users and conning them out of their cash, it is a fairly dangerous method, with many uncertainties, and it involves a lot of contact and interaction between the user and perpetrator. Thus I don't expect it to become terribly common in the same way as phishing is, for example."
