Rogueware with new Ransomware Technology™

The latest malware threats from across the security forums

Moderators: Admin Team, Moderators

User avatar
Spudz
Posts: 1856
Joined: Mon Jul 20, 2009 4:35 am
Area Of Expertise: General guidance and advice
experience: Not only can I turn PC on, I know most of its functions too
PC time: Alot more than I should
Location: Kent, UK
Contact:

Rogueware with new Ransomware Technology™

Postby Spudz » Thu Oct 08, 2009 10:39 am

Rogueware with new Ransomware Technology™
Posted by Sean-Paul Correll at 08 October 09 01:05

The criminals behind Rogueware attacks are becoming increasingly aggressive in their approach to make money. We recently stumbled across a sample (Adware/TotalSecurity2009) which uses a ransomware technique to improve its sales. Once the computer becomes infected, Total Security forces the victim to purchase it before it will allow any files from being accessed on the system. When attempting to open a file, a message pops up in the notification area claiming that the application was blocked due to infection. The pop up recommends activating the "antivirus" software, which costs $79.95.

This would be a devistating blow to any user and would likely force the victim to purchase it, so we went ahead and cracked the sample to reveal all of the valid serial numbers. We're hoping that victims can find this blog post before shelling out any hard earned cash to these criminals.


http://pandalabs.pandasecurity.com/arch ... 2221_.aspx
Spam - Uninteresting garbage quickly deleted.
Spammer - A parasitic worm intent on creating internet misery.

Image

User avatar
Mystery
Posts: 232
Joined: Fri Jul 10, 2009 7:56 am
Gender: Female
experience: Not only can I turn PC on, I know most of its functions too
PC time: Alot more than I should
Location: Switzerland
Contact:

Re: Rogueware with new Ransomware Technology™

Postby Mystery » Fri Oct 09, 2009 12:29 am

Wow, that's indeed pretty aggressive :evil:
Thanks for sharing Spudz :)
Why do geeks think Halloween and Christmas occur on the same day?
Because 31oct = 25dec ;)

User avatar
zaphod
Posts: 100
Joined: Fri Sep 04, 2009 5:53 am
Area Of Expertise: XP, PHP
experience: Just call me Mr. Gates
PC time: What else is there in life?
Location: Casper, WY
Contact:

Re: Rogueware with new Ransomware Technology™

Postby zaphod » Sat Oct 10, 2009 12:25 am

HMMM...

What is needed now is a site that acts like a registration code clearinghouse for all these rouge-ware applications.

Even going as far as giving proper credit to the groups that crack them. Maybe Razor1911, or Drink or Die would even come up with a (clean) keygen to crack these. White-hat piracy, I never thought I would see the day!

Zap :twisted:
Get Protected, Stay Protected...
SpambotSecurity.com , The home of ZB Block

User avatar
Mystery
Posts: 232
Joined: Fri Jul 10, 2009 7:56 am
Gender: Female
experience: Not only can I turn PC on, I know most of its functions too
PC time: Alot more than I should
Location: Switzerland
Contact:

Re: Rogueware with new Ransomware Technology™

Postby Mystery » Sat Oct 10, 2009 6:07 pm

Oh, it's not for the first time that a serial number or required code has been cracked by security professionals to help victims. There was some russian malware that blocked the pc completely unless you entered a code (that you needed to get by sms if I remember well).
But indeed such *tricks* make things more complicated, and finding the needed info that may be published on some security related blogs is probably not easy for all users.
Why do geeks think Halloween and Christmas occur on the same day?
Because 31oct = 25dec ;)

User avatar
Spudz
Posts: 1856
Joined: Mon Jul 20, 2009 4:35 am
Area Of Expertise: General guidance and advice
experience: Not only can I turn PC on, I know most of its functions too
PC time: Alot more than I should
Location: Kent, UK
Contact:

Re: Rogueware with new Ransomware Technology™

Postby Spudz » Sat Oct 10, 2009 6:13 pm

A good point Mystery :) I expect we may see this new trend in the rogue AVs becoming more popular by the week. I wonder what scummy little tricks they have up their sleeves for when this trend is eventually stopped by Anti-malware groups.
Spam - Uninteresting garbage quickly deleted.
Spammer - A parasitic worm intent on creating internet misery.

Image


Return to “Latest Malware Threats”

Who is online

Users browsing this forum: Bing [Bot] and 1 guest