[IP] Latest Internet attack holds computer files hostage

To: Ip ip <ip@xxxxxxxxxxxxxx>
Subject: [IP] Latest Internet attack holds computer files hostage
From: David Farber <dave@xxxxxxxxxx>
Date: Tue, 24 May 2005 18:52:00 -0400
List-help: <http://v2.listbox.com/doc/help_sub?list_name=ip@v2.listbox.com>
List-id: <ip@xxxxxxxxxxxxxx>
List-software: listbox.com v2.0
List-subscribe: <mailto:subscribe-ip@v2.listbox.com>, <http://v2.listbox.com/subscribe/?listname=ip@v2.listbox.com>
List-unsubscribe: <mailto:unsubscribe-ip@v2.listbox.com>, <http://v2.listbox.com/member/unsubscribe/?listname=ip@v2.listbox.com>
References: <fa.13d5587e.2fc48de5@xxxxxxx>
Reply-to: dave@xxxxxxxxxx
Sender: owner-ip@xxxxxxxxxxxxxx



Begin forwarded message:

From: GLIGOR1@xxxxxxx
Date: May 24, 2005 10:02:13 AM EDT
To: dave@xxxxxxxxxx
Subject: For IP: Latest Internet attack holds computer files hostage


Latest Internet attack holds computer files hostage
Tuesday, May 24, 2005 Updated at 6:24 AM EDT

Associated Press

Washington — Computer users already anxious about viruses andidentity theft have new reason to worry: Hackers have found a way tolock up electronic documents and then demand money to get them back.

Security researchers at San Diego-based Websense Inc. uncovered theunusual extortion plot when a corporate customer they would notidentify fell victim to the infection, which encrypted files thatincluded documents, photographs and spreadsheets.

A ransom note left behind included an e-mail address, and theattacker later demanded $200 (U.S.) for the digital keys to unlockthe files.

“This is equivalent to someone coming into your home, putting yourvaluables in a safe and not telling you the combination,” said OliverFriedrichs, a security manager for Symantec Corp.

The FBI said the scheme, which appears isolated, was unlike otherInternet extortion crimes. Leading security and antivirus firms thisweek were updating protective software for companies and consumers toguard against this type of attack, which experts dubbed “ransom-ware.”

“This seems fully malicious,” said Joe Stewart, a researcher atChicago-based Lurhq Corp. who studied the attack software.

Mr. Stewart managed to unlock the infected computer files withoutpaying the extortion, but he worries that improved versions might bemore difficult to overcome.

Internet attacks commonly become more effective as they evolve overtime as hackers learn to avoid the mistakes of earlier infections.

“You would have to pay the guy, or law enforcement would have to gethis key to unencrypt the files,” Mr. Stewart said.

The latest danger adds to the risks facing beleaguered Internetusers, who must increasingly deal with categories of threats thatinclude spyware, viruses, worms, phishing e-mail fraud and denial ofservice attacks.

FBI spokesman Paul Bresson said more familiar Internet extortionschemes involve hackers demanding tens of thousands of dollars andthreatening to attack commercial websites, interfering with sales orstealing customer data.

Experts said there were no widespread reports the new threat wasspreading, and the website was already shut down where the infectionoriginally spread. They also said the hacker's demand for paymentmight be his weakness, since bank transactions can be traced easily.

“The problem is getting away with it -- you've got to send the moneysomewhere,” Mr. Stewart said. “If it involves some sort of monetarytransaction, it's far easier to trace than an e-mail account.”




-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Prev by Date: [IP] more on MS Security says to write down your passwords?!?!
Next by Date: [IP] Latest Internet attack holds computer files hostage
Previous by thread: [IP] more on MS Security says to write down your passwords?!?!
Next by thread: [IP] Latest Internet attack holds computer files hostage
Index(es):
- Date
- Thread