Rogueware with new Ransomware Technology™
Posted by Sean-Paul Correll at 08 October 09 01:05
The criminals behind Rogueware attacks are becoming increasingly aggressive in their approach to make money. We recently stumbled across a sample (Adware/TotalSecurity2009) which uses a ransomware technique to improve its sales. Once the computer becomes infected, Total Security forces the victim to purchase it before it will allow any files from being accessed on the system. When attempting to open a file, a message pops up in the notification area claiming that the application was blocked due to infection. The pop up recommends activating the "antivirus" software, which costs $79.95.
This would be a devistating blow to any user and would likely force the victim to purchase it, so we went ahead and cracked the sample to reveal all of the valid serial numbers. We're hoping that victims can find this blog post before shelling out any hard earned cash to these criminals.
http://pandalabs.pandasecurity.com/arch ... 2221_.aspx