back to article Ransomware Trojan locks up infected PCs

A new strain of "Ransomware" that attempts to coerce victims into paying $35 to unlock their Windows PC, is doing the rounds. The scam uses a variety of premium rate numbers in different countries, and UK regulator PhonePayPlus is investigating the suspected misuse of a type of premium rate line normally used for sex lines in …

COMMENTS

This topic is closed for new posts.
  1. Barry

    Its.. PhonepayPlus

    I know because I work there

  2. Anonymous Coward
    Joke

    I wonder

    If they got the idea from Blue Peter (c), but your computer isnt really locked, you are just dial and paying for nothing anyway

  3. Miguel
    Heart

    Corrections....

    If you're going to correct someone, try not to make a mistake in the process ;)

  4. Steven Griffiths
    Linux

    Sounds familiar...

    Didn't MS get there first & call it Windows Genuine Advantage?

  5. Phil Rigby
    Paris Hilton

    This probably sounds dumb, but...

    ...if software can take over a machine like this and lock it out, then Windows is so badly designed/flawed it should be pulled from market until it's fixed. I'm not talking about some badly behaving app, but a piece of malware that can be this incredibly destructive (from a user perspective)? Think about it, if the lock on your front door could be so easily circumvented you'd send it back for a refund or the manufacturer would do a recall.

    BTW what versions of Windows are affected? Is Vista vulnerable to this? What exploits does it use? Are machines that are patched and up-to-date still affected?

  6. Anonymous Coward
    Anonymous Coward

    If anyone knows the 0909 number in full

    it should be possible to work back from there to the issuing company, who may just be quicker to act than the folks at PhonePayPlus.

    That's what I did when I was left a "call 07xxxx to arrange collection of your parcel" message on my mobile (presumably by a random dialer).

  7. Test Man
    Unhappy

    Re: This probably sounds dumb, but...

    Yes it does sound dumb. Your lock on your door CAN be circumvented. Why do you think burglars can break into houses without leaving much of a trace? What mitigates any potential loss of stuff is multiple locks, sturdy doors and a burglar alarm linked to the police, as well as the usual leave lights on, etc. stuff.

  8. Dennis
    Pirate

    Ransomware packages

    "Ransomware packages (which began appearing early in 2006)"

    What about the AIDS Trojan Horse distributed by Dr Joseph Popp in 1989. He was extradited from the US to the UK and charged with blackmail.

    http://en.wikipedia.org/wiki/AIDS_(trojan_horse)

  9. Morely Dotes
    Black Helicopters

    Someone has made a huge mistake

    The first time this trojan gets onto a US Government PC (or one owned by a government contractor), the VXers have committed a Federal 1st class felony, *and* can be declared "enemy combatants" if it happens to be a PC in the Defense industry.

    No subpoena and no court order of any kind will be required for the spooks to get all the relevant data from the premium rate phone operator, and the people who are ultimately getting paid will simply be "disappeared" to some place a bit less attractive than GitMo.

    While I would not hold up the CIA to be the sharpest crayons in the box, they are very, very good at doggedly following a money trail back to the people they consider to be "bad guys," and they aren't terribly gentle once those guys are found.

    I think some VXers somewhere have finally made a literally-fatal error.

  10. Phil Rigby
    Paris Hilton

    @Test Man

    Right. So why is Windows so easily beaten? Why can't there be multiple layers of security to prevent these kind of hijacks?

  11. Anonymous Coward
    Pirate

    PhonePayPlus (sheesh what an awful name!)

    " A spokesman added that he wasn't aware of previous UK cases where malware has been linked to attempts to prompt users into phoning premium rate lines. "

    Well, it's not quite "attempting to prompt users" into phoning premium rate lines, but premium line trojan porn diallers have been around since like forever.

    Which I guess is only one more example of how the telecomms regulatory bodies are still years behind in keeping up with the latest developments in telecomms.

  12. Mark Boothroyd
    Alert

    @Phil

    Re: So why is Windows so easily beaten? Why can't there be multiple layers of security to prevent these kind of hijacks?

    All systems can be beaten if a user or application has enough access. Even Linux etc. Give an application root access under Linux via su and goodbye system. Why would Windows be any different? (and no I'm not a M$ fanboy).

    Trojans by their very nature, infect a computer because the user let it in, hence the name Trojan. Normally by clicking on a link, by opening attachments in unsolicited emails etc etc. Stupid use is as stupid user does.

    All people have to do is keep their anti-virus software upto date and you shouldn't get infected. And as there are perfectly good anti-virus apps out there that are completely free for home use, so there are no excuses for anyone not to have current up to date antivirus on a windowz machine. (I use Avast myself with no probs, and it's A LOT less resource hungry that Nortons etc.)

    To allow an unprotected Windows based PC access to the Internet is downright irresponsible. Linux and Macs are different, as their market share is too small for anyone to bother with them, but PC's have to be protected.

    As long as there is a user sat at the keyboard that can be duped into running, opening or clicking on something, the system will always be vulnerable.

  13. Phil Endecott

    Barry Posted Thursday 3rd January 2008 15:21 GMT Re: I know because I work there

    Barry, stop correcting our CaPiTaLiSaTiOn and disconnect these bastards - who are presumably one of your association's MEMBERS.

  14. Paul
    Linux

    Food for thought

    Pr0n and chips, anyone?

    yuk yukyuk

    Yes, yes, yes, I know... my coat's to takeaway ----->

  15. Anonymous Coward
    Stop

    @Mark Boothroyd

    "All people have to do is keep their anti-virus software upto (sic) date and you shouldn't get infected. "

    Erk! Anti-virus software is always out of date. You cannot expect it to be able to cope with viruses it does not yet know about, while you merrily break every other rule in the security book. I'm surprised a Register reader doesn't know this.

  16. Anonymous Coward
    Anonymous Coward

    greedywaterrabbitt

    Well I keep all the important stuff on mem stick, so all I would do if attaked would be reinstall windows.

    By the way Phil is on to something. I've owned McAffee, Norton anti virus and they can''t hold a candle to avast plus avast is free, best anit virus I 've ever had.

    Put out a lot of money on McAfee and Norton when avast is supperior and cost nothing.

    U never no avast is there, except once in a while it tells u it has been updated.

  17. Ross

    Windows, security, etc, you get the picture

    To those folk that think it's entirely the fault of the OS :

    If you download and run code whilst using administrative privileges then you can't blame the OS when the program subverts it. That's your own stupid fault.

    If you download and run known malware code whilst running in userland and the the program exploits vulnerabilities in the OS to gain administrative or kernal level privileges and subverts it then you *still* can't blame the OS. That's your own stupid fault for not patching (if one is available) and running anti-virus to block the known malware.

    If you download and run unknown malware code whilst running in userland and the the program exploits vulnerabilities in the OS to gain administrative or kernal level privileges and subverts it then you can blame the OS.

    Personally I would like to try this little toy out - the article doesn't seem to mention that it encrypts your files, just "locks your desktop". I'm guessing Alt-F4, Alt-TAB, Start, Ctrl-Alt-Del, or as a last bash OFF should do the trick :o)

This topic is closed for new posts.