Computer users anxious about viruses and identity theft have a new reason to worry: hackers have found a way to lock up the electronic documents on your computer and then demand a ransom for their return.
Security researchers at Websense, an Internet security company uncovered the unusual extortion plot when a corporate customer they would not identify fell victim to a virus that encrypted documents, photographs and spreadsheets. An Email was later sent demanding $200 for the digital keys to unlock the files.
“This is equivalent to someone coming into your home, putting your valuables in a safe and not telling you the combination,” Oliver Friedrichs, a security manager for the security company Symantec, said.
Leading security and antivirus firms this week were updating protective software for companies and consumers to guard against this type of attack, which experts dubbed “ransom-ware.” Computer users could be infected by using a vulnerable Internet browser to view a vandalised Website.
“This seems fully malicious,” Joe Stewart, a researcher at the security firm Lurhq who studied the attack software, said. Mr Stewart was able to unlock the infected computer files without paying the ransom, but he said that improved versions might be more difficult to overcome.
“You would have to pay the guy, or law enforcement would have to get his key to unencrypt the files,” Mr Stewart said. Internet attacks commonly become more effective as they evolve over time as hackers learn to avoid the mistakes of earlier infections.
The FBI said the scheme, which appears isolated, was unlike other Internet extortion crimes. The virus locked up at least 15 types of data files and left behind a note with instructions to send an Email to a particular address to purchase keys for unlocking the data. In an Email reply, the hacker demanded that the money should be transferred to an online bank account.
Paul Bresson, an FBI spokesman, said more familiar Internet extortion schemes involve hackers demanding tens of thousands of dollars and threatening to attack commercial Websites, interfering with sales or stealing customer data.
Experts said there were no widespread reports the new threat was spreading, and the Website from which the infection originated had already been shut down.
They also said that the hacker’s demand for payment might be his weakness, since bank transactions can be traced easily. “The problem is getting away with it,” Mr Stewart said. “You’ve got to send the money somewhere. If it involves some sort of monetary transaction, it’s far easier to trace than an Email account.”
Return to internet news headlines
View Internet News Archive